Project

General

Profile

Actions

Feature #14222

open

Add additional checks to admin account when disabling - Prevent lockouts

Added by Jon Brown over 1 year ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Authentication
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Default

Description

Currently on a fresh copy of pfSense and only an admin account I am able to disable this 'admin' account. This is a problem and I would give 2 suggestions:

  • Don't allow an admin account to be disabled when there are no other admin accounts.
  • Pop-up a Modal when Disabled is checked with a message like 'There are no other administrator accounts present on this router. Are you sure you want to continue? YES/NO

I am aware you can regain access via the console if needed but I don't know how this plays into the security model and lockouts as outlined above.

No data to display

Actions

Also available in: Atom PDF