}
sub punish_wrong_login {
- sleep 5;
+ my $failed_login_penalty = ($::lx_office_conf{authentication} || {})->{failed_login_penalty};
+ sleep $failed_login_penalty if $failed_login_penalty;
}
sub get_stored_password {
# hours.
session_timeout = 480
+# The number of seconds to penalize failed login attempts. 0 disables
+# it.
+failed_login_penalty = 5
+
[authentication/database]
# Connection information for the database with the user and group
# inforamtion. This information is always needed, even if LDAP is