Skip to content
  • About
    • What is Symfony?
    • Community
    • News
    • Contributing
    • Support
  • Documentation
    • Symfony Docs
    • Symfony Book
    • Screencasts
    • Symfony Bundles
    • Symfony Cloud
    • Training
  • Services
    • Platform.sh for Symfony Best platform to deploy Symfony apps
    • SymfonyInsight Automatic quality checks for your apps
    • Symfony Certification Prove your knowledge and boost your career
    • SensioLabs Professional services to help you with Symfony
    • Blackfire Profile and monitor performance of your apps
  • Other
  • Blog
  • Download
sponsored by SensioLabs
  1. Home
  2. Documentation
  3. Bundles
  4. SchebTwoFactorBundle
  5. Brute Force Protection
  • Documentation
  • Book
  • Reference
  • Bundles
  • Cloud

Table of Contents

  • 1) Log failed two-factor attempts
  • 2) Block authentication

Brute Force Protection

Edit this page

Brute Force Protection

Brute force protection is essential for two-factor authentication, because otherwise the authentication code could just be guessed by an attacker. The bundle doesn't come with a predefined anti brute force solution, but you can easily implement one by listening to the events provided by the bundle.

1) Log failed two-factor attempts

Register a listener for the scheb_two_factor.authentication.failure event. Log whatever you need (IP, user, etc.) to detect brute force attacks.

2) Block authentication

Register a listener for the scheb_two_factor.authentication.attempt event. Execute your brute-force detection logic and decide if the attempt should be blocked. Since that event is dispatched directly before the two-factor code is checked, you can prevent that from happening by throwing a new exception of type Symfony\Component\Security\Core\Exception\AuthenticationException. That exception will be caught by the authentication layer and the exception message is shown to the user.

This work, including the code samples, is licensed under a Creative Commons BY-SA 3.0 license.
TOC
    Version
    We stand with Ukraine.
    Version:
    Online exam, become Sylius certified today

    Online exam, become Sylius certified today

    Peruse our complete Symfony & PHP solutions catalog for your web development needs.

    Peruse our complete Symfony & PHP solutions catalog for your web development needs.

    Symfony footer

    ↓ Our footer now uses the colors of the Ukrainian flag because Symfony stands with the people of Ukraine.

    Avatar of Lluis Toyos, a Symfony contributor

    Thanks Lluis Toyos (@tolbier) for being a Symfony contributor

    4 commits • 17 lines changed

    View all contributors that help us make Symfony

    Become a Symfony contributor

    Be an active part of the community and contribute ideas, code and bug fixes. Both experts and newcomers are welcome.

    Learn how to contribute

    Symfony™ is a trademark of Symfony SAS. All rights reserved.

    • What is Symfony?

      • Symfony at a Glance
      • Symfony Components
      • Case Studies
      • Symfony Releases
      • Security Policy
      • Logo & Screenshots
      • Trademark & Licenses
      • symfony1 Legacy
    • Learn Symfony

      • Symfony Docs
      • Symfony Book
      • Reference
      • Bundles
      • Best Practices
      • Training
      • eLearning Platform
      • Certification
    • Screencasts

      • Learn Symfony
      • Learn PHP
      • Learn JavaScript
      • Learn Drupal
      • Learn RESTful APIs
    • Community

      • SymfonyConnect
      • Support
      • How to be Involved
      • Code of Conduct
      • Events & Meetups
      • Projects using Symfony
      • Downloads Stats
      • Contributors
      • Backers
    • Blog

      • Events & Meetups
      • A week of symfony
      • Case studies
      • Cloud
      • Community
      • Conferences
      • Diversity
      • Documentation
      • Living on the edge
      • Releases
      • Security Advisories
      • SymfonyInsight
      • Twig
      • SensioLabs
    • Services

      • SensioLabs services
      • Train developers
      • Manage your project quality
      • Improve your project performance
      • Host Symfony projects

      Deployed on

    Follow Symfony

    Search by Meilisearch