Forum Discussion

SamYuen's avatar
SamYuen
Copper Contributor
Nov 03, 2023

SharePoint "Anyone with the Link" - How to Prevent Password Brute-force Attack

We are using the "Anyone with the Link" feature on SharePoint with password protection enabled. We accessed the link and manually tried 30+ wrong passwords in a row without being stopped by SharePoint.

 

My question is, are there any measure we can take to prevent the password of a link being brute-force attacked? e.g. Block a user from password attempts after a certain number of wrong password input (say, 3 times), for a certain period of time (say, 30 minutes). Or any anti-DDOS mechanism to stop such consecutive password attempts. Or any audit trail or alerts for such suspicious activity?

 

Thank you for attention.

No RepliesBe the first to reply

Resources