
Odoo has parameters to limit the login attempts and apply a cooldown.


base.login_cooldown_after

base.login_cooldown_duration


But this only works when you fail the username. If you have an active username, you can attempt as many times as you want until you guess the correct password.


Is there any way to apply the cooldown even if the username is correct?

Best Answer

Odoo's login security is absolutely inadequate and is far away from any contemporary system. Even the 2-factor authentication does not change this, because without a timeout you can simply close the browser and no longer need to log in at all!
We have had very good experiences with a module from Webkul (Odoo User Login Security) that considerably improves password security (also against brute force attacks, for example). Should actually be standard!


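The behaviour asked for in the question, a cooldown that counts failed passwords against an existing login the same way as failures against an unknown one, sketched as an added example. It is not Odoo's code or the Webkul module's: the class, the in-memory store and the sample addresses and passwords are constructed, and the two constants only stand in for the parameters named in the question.

```python
import hashlib
import hmac
import os

COOLDOWN_AFTER = 5      # assumed value; plays the role of base.login_cooldown_after
COOLDOWN_DURATION = 60  # assumed seconds; plays the role of base.login_cooldown_duration

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def make_user(password):
    salt = os.urandom(16)
    return salt, _hash(password, salt)

class LoginThrottle:
    """Counts failures per (source address, login), whether or not the login exists."""
    def __init__(self, users, after=COOLDOWN_AFTER, duration=COOLDOWN_DURATION):
        self.users = users        # login -> (salt, hash); constructed sample store
        self.after, self.duration = after, duration
        self.failures = {}        # (source, login) -> (count, time of last failure)
        self._dummy = (os.urandom(16), os.urandom(32))  # checked for unknown logins

    def on_cooldown(self, key, now):
        count, last = self.failures.get(key, (0, 0.0))
        return count >= self.after and now - last < self.duration

    def authenticate(self, source, login, password, now):
        key = (source, login.lower())  # keyed on source too, so one client cannot lock out everyone
        if self.on_cooldown(key, now):
            return "cooldown"          # refused before the password is even checked
        salt, expected = self.users.get(key[1], self._dummy)
        ok = hmac.compare_digest(_hash(password, salt), expected)
        if ok and key[1] in self.users:
            self.failures.pop(key, None)
            return "ok"
        count, _ = self.failures.get(key, (0, 0.0))
        self.failures[key] = (count + 1, now)  # same bookkeeping for valid and invalid logins
        return "denied"

def demo():
    throttle = LoginThrottle({"admin": make_user("correct horse")}, after=3, duration=60)
    results = [throttle.authenticate("203.0.113.7", "admin", f"guess{i}", now=i) for i in range(4)]
    # The right password is also refused while the cooldown is running.
    results.append(throttle.authenticate("203.0.113.7", "admin", "correct horse", now=10))
    results.append(throttle.authenticate("203.0.113.7", "admin", "correct horse", now=70))
    return results
```

`demo()` shows three wrong passwords for an existing login triggering the cooldown, and the correct password being accepted only after the cooldown has elapsed.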