Security

What is "constant login time" setting and what is it for?

templets
Path Finder

Under "Settings > Access Controls > Password Policy Management" in the "Login Settings " section, there is a field named "Constant login time" with a caption that reads:

"Sets a login time that stays consistent regardless of user settings. Set a time between .001 and 5 seconds. Set to 0 to disable the feature."

I can't find this referenced in any Splunk docs or other posts.  Can someone explain just what this is for?

Thanks.

Labels (2)

scelikok
SplunkTrust
SplunkTrust

Hi @apietersen and @templets,

This option adds the given time to all login responses to help mitigate login timing attacks.

https://docs.splunk.com/Documentation/Splunk/9.0.1/Admin/Authenticationconf#Settings_for_Splunk_Auth... 

constantLoginTime = <decimal>
* The amount of time, in seconds, that the authentication manager
  waits before returning any kind of response to a login request.
* This setting helps mitigate login timing attacks. If you want to use the
  setting, test it in your environment first to determine the appropriate
  value.
* When you configure this setting, a login failure is guaranteed to take at least the
  amount of time you specify. The authentication manager
  adds a delay to the actual response time to keep this guarantee.
* The values can use decimals. "0.025" would make responses take a
  consistent 25 milliseconds or slightly more.
* This setting is optional.
* Minimum value: 0 (Disables login time guarantee)
* Maximum value: 5.0
* Default: 0

 

If this reply helps you an upvote and "Accept as Solution" is appreciated.

apietersen
Contributor

Do not understand this option either

0 Karma
Get Updates on the Splunk Community!

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer Certification at ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...

Share Your Ideas & Meet the Lantern team at .Conf! Plus All of This Month’s New ...

Splunk Lantern is Splunk’s customer success center that provides advice from Splunk experts on valuable data ...