Release 1.17.0 (23/03/2023)

Improvements

Exponential Back-Off Applied to Password and 2 Factor Authentication

To enhance the security of the Travel Ledger platform, we have implemented an additional layer of password and 2 factor authentication security. This places a limit on the number of incorrect password/2FA attempts you can make before being locked out for increasing amounts of time. This protects the platform against brute force hacking attempts, maintaining the security of your access.

In order to accommodate genuine errors (typos, cap locks on etc), we allow users two “free attempts” where there will be no consequence for inputting the incorrect credentials . After allowing two un-restricted initial log in attempts, the third attempt will lock for 30 sec, fourth attempt 5 minutes and fifth attempt 30 minutes.

The fifth attempt will also trigger an email notification to your inbox, advising that numerous attempts have been made to access your account.

This change applies to both password and 2FA code input.