SharePoint "Anyone with the Link" - How to Prevent Password Brute-force Attack

Copper Contributor

We are using the "Anyone with the Link" feature on SharePoint with password protection enabled. We accessed the link and manually tried 30+ wrong passwords in a row without being stopped by SharePoint.


My question is, are there any measure we can take to prevent the password of a link being brute-force attacked? e.g. Block a user from password attempts after a certain number of wrong password input (say, 3 times), for a certain period of time (say, 30 minutes). Or any anti-DDOS mechanism to stop such consecutive password attempts. Or any audit trail or alerts for such suspicious activity?


Thank you for attention.

0 Replies