Captcha is a tool that prevents brute force attacks on the Bamboo login screen. A brute force attack occurs when an attacker uses malicious code to make automated, repeated login attempts on a Bamboo site with the aim of gaining access to that Bamboo site. If you are a Bamboo system administrator, you can configure Bamboo to block these automated login attempts. Once a certain number of failed login attempts has been reached (the default is three) Bamboo's Captcha feature will be activated. When Captcha is activated, users will need to recognise a distorted picture of a word and must type the word into a text field. This is easy for humans to do, but very difficult for computers. |
On this page: |
Enabling Captcha
To enable Captcha for Bamboo:
- Click the 'Administration' link in the top navigation bar.
- Click the 'Security Settings' link in the left navigation column to open the 'Global Security and Permission Properties' page.
- Click the 'Edit' button on this page.
- Ensure that the 'Enable Captcha' check box has been selected.
- If you wish to change the number of failed login attempts permitted by Bamboo before Captcha is activated, specify the number of failed attempts in the 'Login Attempts' field. (This field is mandatory and requires a value of 1 or more.)
- Click the 'Save' button.
Disabling Captcha
To disable Captcha:
- Click the 'Administration' link in the top navigation bar.
- Click the 'Security Settings' link in the left navigation column to open the 'Global Security and Permission Properties' page.
- Click the 'Edit' button on this page.
- Clear the 'Enable Captcha' check box.
- Click the 'Save' button.
Screenshot above: The Bamboo Login Screen with Captcha activated