Uploaded image for project: 'phpBB3'
  1. phpBB3
  2. PHPBB3-10247

mediumint(8) too small for phpbb_login_attempts.attempt_id

    Details

    • Type: Bug
    • Status: Unverified Fix
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.0.9-RC3
    • Fix Version/s: 3.0.9-RC4
    • Component/s: None
    • Labels:
      None

      Description

      Mediumint is 3 bytes in MySQL. Assuming there are 25000 failed login attempts per day, we will run out of free attempt_id values after

      (2^(3×8)÷25000)÷365 = ~2

      years.

      Solution is to either drop attempt_id if it is not needed or to change it to 4 byte integer.

      Considering half a million failed login attempts per day and four bytes:

      (2^(4×8)÷500000)÷365 = ~24 years

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                nickvergessen Joas Schilling
                Reporter:
                bantu Andreas Fischer
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: