Under "Settings > Access Controls > Password Policy Management" in the "Login Settings" section, there is a field named "Constant login time" with a caption that reads:
"Sets a login time that stays consistent regardless of user settings. Set a time between .001 and 5 seconds. Set to 0 to disable the feature."
I can't find this referenced in any Splunk docs or other posts. Can someone explain just what this is for?
Thanks.
Hi @apietersen and @templets,
This option adds the given time to all login responses to help mitigate login timing attacks.
constantLoginTime = <decimal>
* The amount of time, in seconds, that the authentication manager waits before returning any kind of response to a login request.
* This setting helps mitigate login timing attacks. If you want to use the setting, test it in your environment first to determine the appropriate value.
* When you configure this setting, a login failure is guaranteed to take at least the amount of time you specify. The authentication manager adds a delay to the actual response time to keep this guarantee.
* The values can use decimals. "0.025" would make responses take a consistent 25 milliseconds or slightly more.
* This setting is optional.
* Minimum value: 0 (Disables login time guarantee)
* Maximum value: 5.0
* Default: 0
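The padding behaviour described in the spec text above, as an added example that is not Splunk's code and not part of the original answer. It simulates a login check whose unknown-user path is faster than its password-hash path and shows how much of that gap remains at different floor values. The user store, the per-path costs (2 ms and 80 ms), the simulated clock and all function names are constructed for illustration.

```python
import hashlib
import hmac

class SimClock:
    """Deterministic millisecond clock standing in for real elapsed time."""
    def __init__(self):
        self.ms = 0
    def advance(self, ms):
        self.ms += ms

SALT = b"constructed-salt"                      # constructed sample data
USERS = {"admin": hashlib.pbkdf2_hmac("sha256", b"s3cret-example", SALT, 1000)}
COST_UNKNOWN_MS, COST_HASH_MS = 2, 80           # assumed work per code path

def check_login(user, password, clock):
    """Unpadded check: an unknown user returns early, a known user pays for the hash."""
    stored = USERS.get(user)
    if stored is None:
        clock.advance(COST_UNKNOWN_MS)
        return False
    clock.advance(COST_HASH_MS)
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 1000)
    return hmac.compare_digest(stored, candidate)

def padded_login(user, password, constant_login_time):
    """Return (ok, elapsed_ms). Pads the response up to the floor; 0 disables padding."""
    if not 0 <= constant_login_time <= 5.0:
        raise ValueError("constantLoginTime must be between 0 and 5.0 seconds")
    clock = SimClock()
    ok = check_login(user, password, clock)
    floor_ms = round(constant_login_time * 1000)
    if clock.ms < floor_ms:
        clock.advance(floor_ms - clock.ms)      # the delay added to the real work
    return ok, clock.ms

def timing_gap_ms(constant_login_time):
    """Response-time difference between a failed login for a real and an unknown user."""
    _, known = padded_login("admin", "wrong", constant_login_time)
    _, unknown = padded_login("nobody", "wrong", constant_login_time)
    return known - unknown

if __name__ == "__main__":
    for value in (0, 0.025, 0.1):
        print(f"constantLoginTime={value}: gap {timing_gap_ms(value)} ms")
```

A floor below the slowest path (0.025 here) only narrows the gap, which is why the spec says to test in your environment before choosing a value.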
Do not understand this option either