Following a recent security review, the security team has recommended that JIS-Link implement the safeguards below to mitigate the risks associated with automated abuse and other malicious activities. In line with those recommendations, the JIS-Link team is requesting the adoption of the following measures:
1. Rate limiting on the webpage (https://www.courts.wa.gov/secure/index.cfm?fa=secure.reset&app=jislink) that users use to reset their passwords – Intended to restrict excessive requests, thereby mitigating threats such as brute-force, DoS, and DDoS attacks.
2. CAPTCHA – Intended to validate human interaction and prevent automated systems from gaining access to the site.
3. Randomly generate temporary passwords when processing locked or expired accounts (do not use an identical temporary password across all users) – This prevents legitimate users from being locked out of their accounts and mitigates the risk of exploitation associated with known temporary passwords.
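
A sketch of measure 3, added here as an example and not JIS-Link's own code: each locked or expired account gets its own random temporary password, which is stored only as a salted hash, expires, and can be redeemed once. The in-memory store, the length, lifetime and iteration count, and the function names are assumptions.

```python
import hashlib
import hmac
import secrets
import time

# Unambiguous alphabet (no 0/O/o, 1/l/I) so users can type the value reliably.
ALPHABET = "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnpqrstuvwxyz23456789"
TEMP_LENGTH = 16           # assumed length; about 93 bits with this alphabet
TEMP_TTL_SECONDS = 3600    # assumed validity window
KDF_ITERATIONS = 200_000   # assumed PBKDF2 work factor

# user_id -> (salt, digest, expires_at); stands in for the account table.
TEMP_STORE = {}


def _digest(password, salt):
    # Salted, slow hash so a leaked table does not reveal temporary passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, KDF_ITERATIONS)


def issue_temp_password(user_id, now=None):
    """Create a fresh random temporary password for one locked or expired account."""
    now = time.time() if now is None else now
    # secrets draws from the OS CSPRNG; every account gets a different value.
    password = "".join(secrets.choice(ALPHABET) for _ in range(TEMP_LENGTH))
    salt = secrets.token_bytes(16)
    # Issuing again replaces any earlier temporary password for this user.
    TEMP_STORE[user_id] = (salt, _digest(password, salt), now + TEMP_TTL_SECONDS)
    return password  # handed to the user once; only the salted hash is kept


def redeem_temp_password(user_id, candidate, now=None):
    """Return True once for the correct, unexpired value; caller then forces a reset."""
    now = time.time() if now is None else now
    record = TEMP_STORE.get(user_id)
    if record is None:
        return False
    salt, digest, expires_at = record
    if now > expires_at:
        del TEMP_STORE[user_id]      # expired values are discarded
        return False
    if not hmac.compare_digest(digest, _digest(candidate, salt)):
        return False                 # wrong guess; measure 1 should throttle retries
    del TEMP_STORE[user_id]          # single use
    return True
```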