I'd like to see a list of recent login attempts (whether successful or failed) into the Linode Manager under my username, so that I can tell whether someone has attempted to gain unauthorized access to it. Yahoo! and Google provide this feature, so it would be great if Linode would implement it as well.

_________________
House of DragonLord, powered by openSUSE

The only downside of that I can think of offhand is if the Manager page gets hammered with login attempts, your list may suddenly bloom oneday!

But I'm sure Linode has protection for that, so I would agree that it would be a good feature that should take a minimum of effort to integrate. </2cents>

If you turn on IP whitelisting, you get an email whenever a user from an unknown IP tries to log in to your account.

That's only after a successful login though, right?

In this case, the log in attempt is not successful because the IP is not on the whitelist.

If the log in is successful because the IP has been added to the whitelist, no email is sent.

No, I meant the email is only sent if the correct user/password are entered, but IP is not on whitelist, right?

Oh, I understand now... Yes, that's correct.

I don't use IP whitelisting because I don't have static IP addresses, and I would end up having to whitelist a whole bunch of IPs that would only be used temporarily. I do use two-factor authentication with Google Authenticator, though.

While this requires manual review, a list of recent login attempts (with geolocation for the IPs) is more useful that an IP whitelist for people with dynamic IP addresses.

--DragonLord

_________________
House of DragonLord, powered by openSUSE

Out of interest, how useful would this be? What would you do with this information?

This information can be used to detect unauthorized login attempts. Yahoo! already provides this kind of information.

--DragonLord

_________________
House of DragonLord, powered by openSUSE

Ok, so you learn that someone has been trying to get into your account, and you have a list of a few IPs, and the number of failures per IP. What would you do with that?

Well, you can change your password or take other action to secure the account.

--DragonLord

_________________
House of DragonLord, powered by openSUSE

How would changing your password make the account more secure? If the attacker had the (old) password, he'd be in already.

So? I use whitelisting and Google Authenticator (well, with Authy). And I tend to log in from various places depending on where I am. Is it hassle? Yes!

But security should be a hassle. Like I have a Yubikey - I never let it sit in my computer - I use it and take it back out.

To be frank, if it was all easy, and no hassle with security, I wouldn't trust the security. When you have to check your email for 20th time that day to get your current IP whitelisted or when you have to reach out for your phone to get the Google Authenticator code for the 25th time that day, that's when you start having decent security.

_________________
lakridserne
Serverfruit - shared and managed VPS hosting, SSL certificates and domains
Awesome servers rented from Linode!

Any time there's a login attempt, an email is sent. This is because you use that email to authorize the IP address that tried to log in, if it fact it was yours.

_________________
Homepage www.sturmkrieg.com
Social network Gamernet
Development website Sashaweb Development
Imageboard img.sturmkrieg.com
WikiHub free wiki host Community Wiki