Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Guest login fail login reason

This thread has been viewed 4 times

  • 1.  Guest login fail login reason

    Posted Nov 25, 2019 04:18 AM

    Is there a way to distinguish and notify the end user that is trying to connect to the guest portal (during the Pre-Auth Check) to know why the login is failing as it is shown in access tracker, missing username, wrong password etc.

    For now the user get only a general "Invalid username or password" and get confusing for them.

    inva.PNGinva not.PNGinva p.PNG



  • 2.  RE: Guest login fail login reason

    EMPLOYEE
    Posted Nov 26, 2019 06:53 AM

    It is generic security best-practice to show a generic message if authentication fails to not give away too much information. If, for example, you would show 'Invalid Username', an attacker can find out if the username is existing first, after that try to find the password.

     

    This behavior is requested by a lot of customers in their security requirements.

     

    I don't think this behaviour can be configured differently for ClearPass Guest.

     



  • 3.  RE: Guest login fail login reason

    Posted Nov 26, 2019 07:24 AM

    Thank your for your response.

    Anyway since this is a guest network access with a lot of inexperienced user and with a low security profile it would be nice to give some details to them why the login is failing. The procedure of creating an account, waiting for sponsor, waiting for mail etc is somehow complicated.