Forums

Articles
Create
cancel
Showing results for 
Search instead for 
Did you mean: 

Protecting the jira service desk user registration

francis
Atlassian Partner
May 13, 2018

Today we found out that some @#$%^@ created 3000+ accounts on our service desk using the signup form.

 

It is too easy for a bot to do this.  How can this be avoided.  Captcha is only triggered when the number of failed logins exceed a threshold.

 

Any suggestions?

 

Thanks

 

1 answer

1 vote
Jack [AppFox]
Atlassian Partner
May 14, 2018

Hi Francis,

We we're hit with this too!

It is very concerning that this has not been taken more seriously, as many customers have public-facing Service Desk implementation and this could cripple a system - not to mention being a right pain the ass!

Are you affected by the following bug?

https://jira.atlassian.com/browse/JSDSERVER-5706

 

Jack

francis
Atlassian Partner
May 19, 2018

Hi Jack,

The Atlassian team addressed the problem and provided a fix in SD 3.12.2 which enables captcha in the signup page.

 

Francis

Suggest an answer

Log in or Sign up to answer