https://community.dynatrace.com/t5/Troubleshooting/Security-Concern-Password-Complexity-and-Rate-Limiting-for-User/ta-p/286276 <P><LI-TOC indent="15" liststyle="disc" maxheadinglevel="2"></LI-TOC></P> <DIV class="lia-message-template-content-zone"> <P>*<EM>Use a table of contents for longer articles.&nbsp;</EM></P> <H1>Self Service Summary</H1> <P>The security team is reporting an insufficient rate limiting on the Dynatrace Managed user login page, which allowed multiple password attempts and potential brute-force attacks.<BR /><BR /></P> <TABLE border="1" width="100%"> <TBODY> <TR> <TD width="25%"><STRONG>Issue</STRONG></TD> <TD width="25%"><STRONG>Solution</STRONG></TD> <TD width="25%"><STRONG>Tasks</STRONG></TD> <TD width="25%"><STRONG>Alternatives</STRONG></TD> </TR> <TR> <TD width="25%">The user login page requires a username and a password for login. After three failed attempts, the system enforces a one-minute delay, allowing approximately 180 attempts per hour.</TD> <TD width="25%"> <P>Dynatrace Managed enforces strong password complexity rules, making brute-force attacks highly impractical. - See below for more information.</P> </TD> <TD width="25%">Enforce strong password policies and follow best practices.</TD> <TD width="25%">Consider integrating SSO and leveraging the additional security offered by the Identity Provider.&nbsp;</TD> </TR> </TBODY> </TABLE> <H1>&nbsp;</H1> <H1>Explanation</H1> <P>Dynatrace Managed enforces strong security measures to protect user authentication. Dynatrace has implemented <STRONG>password complexity rules</STRONG> that require a combination of uppercase, lowercase, digits, and special characters. These measures significantly reduce the feasibility of brute-force attacks.</P> <P>Based on these rules, even without additional rate-limiting mechanisms, it would take an estimated <STRONG>200 years</STRONG> to successfully brute-force a password with a minimum requirement.&nbsp;</P> <P>For more details, refer to the official documentation:<BR /><A class="fui-Link ___w5et180 f2hkw1w f3rmtva f1ewtqcl fyind8e f1k6fduh f1w7gpdv f1mo0ibp fjoy568 ff5ikls f1s184ao f1mk8lai fnbmjn9 f1o700av f13mvf36 f1cmlufx f9n3di6 f1ids18y f1tx3yz7 f1deo86v f1eh06m1 f1iescvh fhgqx19 f1olyrje f1p93eir f1nev41a" tabindex="0" href="https://docs.dynatrace.com/managed/shortlink/managed-password-complexity-rules" target="_blank" rel="noopener noreferrer" data-tabster="{&quot;restorer&quot;:{&quot;type&quot;:1}}">Password Complexity Rules</A></P> <H1>Recommendations</H1> <OL> <LI>Share the official documentation with your security team to confirm compliance with best practices.</LI> <LI>Ensure that all users follow the enforced password complexity requirements.</LI> <LI>Regularly review and rotate passwords as part of your organization’s security policy.</LI> <LI>Consider integrating SSO for additional security from the Identity Provider.</LI> <LI>If additional security features are desired, such as CAPTCHA or progressive delays, submit a product idea:<BR /><A href="https://community.dynatrace.com/t5/Community-user-guide/Product-ideas/ba-p/159825" target="_blank" rel="noopener">Dynatrace Product Ideas</A></LI> </OL> </DIV> Thu, 25 Sep 2025 21:44:31 GMT jonghpark 2025-09-25T21:44:31Z https://community.dynatrace.com/t5/Troubleshooting/Security-Concern-Password-Complexity-and-Rate-Limiting-for-User/ta-p/286276 <P><LI-TOC indent="15" liststyle="disc" maxheadinglevel="2"></LI-TOC></P> <DIV class="lia-message-template-content-zone"> <P>*<EM>Use a table of contents for longer articles.&nbsp;</EM></P> <H1>Self Service Summary</H1> <P>The security team is reporting an insufficient rate limiting on the Dynatrace Managed user login page, which allowed multiple password attempts and potential brute-force attacks.<BR /><BR /></P> <TABLE border="1" width="100%"> <TBODY> <TR> <TD width="25%"><STRONG>Issue</STRONG></TD> <TD width="25%"><STRONG>Solution</STRONG></TD> <TD width="25%"><STRONG>Tasks</STRONG></TD> <TD width="25%"><STRONG>Alternatives</STRONG></TD> </TR> <TR> <TD width="25%">The user login page requires a username and a password for login. After three failed attempts, the system enforces a one-minute delay, allowing approximately 180 attempts per hour.</TD> <TD width="25%"> <P>Dynatrace Managed enforces strong password complexity rules, making brute-force attacks highly impractical. - See below for more information.</P> </TD> <TD width="25%">Enforce strong password policies and follow best practices.</TD> <TD width="25%">Consider integrating SSO and leveraging the additional security offered by the Identity Provider.&nbsp;</TD> </TR> </TBODY> </TABLE> <H1>&nbsp;</H1> <H1>Explanation</H1> <P>Dynatrace Managed enforces strong security measures to protect user authentication. Dynatrace has implemented <STRONG>password complexity rules</STRONG> that require a combination of uppercase, lowercase, digits, and special characters. These measures significantly reduce the feasibility of brute-force attacks.</P> <P>Based on these rules, even without additional rate-limiting mechanisms, it would take an estimated <STRONG>200 years</STRONG> to successfully brute-force a password with a minimum requirement.&nbsp;</P> <P>For more details, refer to the official documentation:<BR /><A class="fui-Link ___w5et180 f2hkw1w f3rmtva f1ewtqcl fyind8e f1k6fduh f1w7gpdv f1mo0ibp fjoy568 ff5ikls f1s184ao f1mk8lai fnbmjn9 f1o700av f13mvf36 f1cmlufx f9n3di6 f1ids18y f1tx3yz7 f1deo86v f1eh06m1 f1iescvh fhgqx19 f1olyrje f1p93eir f1nev41a" tabindex="0" href="https://docs.dynatrace.com/managed/shortlink/managed-password-complexity-rules" target="_blank" rel="noopener noreferrer" data-tabster="{&quot;restorer&quot;:{&quot;type&quot;:1}}">Password Complexity Rules</A></P> <H1>Recommendations</H1> <OL> <LI>Share the official documentation with your security team to confirm compliance with best practices.</LI> <LI>Ensure that all users follow the enforced password complexity requirements.</LI> <LI>Regularly review and rotate passwords as part of your organization’s security policy.</LI> <LI>Consider integrating SSO for additional security from the Identity Provider.</LI> <LI>If additional security features are desired, such as CAPTCHA or progressive delays, submit a product idea:<BR /><A href="https://community.dynatrace.com/t5/Community-user-guide/Product-ideas/ba-p/159825" target="_blank" rel="noopener">Dynatrace Product Ideas</A></LI> </OL> </DIV> Thu, 25 Sep 2025 21:44:31 GMT https://community.dynatrace.com/t5/Troubleshooting/Security-Concern-Password-Complexity-and-Rate-Limiting-for-User/ta-p/286276 jonghpark 2025-09-25T21:44:31Z