I started logging failed login attempts on my website with a message like
Failed login attempt by qntmfred
I've noticed some of these logs look like
Failed login attempt by qntmfredmypassword
I'm guessing some people had a failed login because they typed their username and their password in the username field. Passwords are hashed in the database, but if somehow the db got compromised, these log messages could be a way for an attacker to figure out passwords for whatever small percentage of people end up having a failed login such as this.
Is there a better way to handle this? Should I even worry about this possibility?
Best Answer
Try it like this:
If the username exists, log "failed login attempt by username". If not, log "failed login attempt by IP 123.45.67.89" instead. That should take care of the problem of having passwords show up in the log accidentally.
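The rule from the answer as an added example (not the poster's code): the attempted username is echoed only when it matches an existing account, otherwise the client IP is logged instead. The user set and the IP addresses are constructed sample values.

```python
from typing import Iterable

# Constructed user directory standing in for the site's real users table.
KNOWN_USERS = {"qntmfred", "alice", "bob"}


def failed_login_message(attempted: str, client_ip: str, known_users=KNOWN_USERS) -> str:
    """Return the log line for one failed login attempt.

    The attempted string is written to the log only when it names an existing
    account, so a password typed into the username field (e.g.
    "qntmfredmypassword") is replaced by the client IP and never reaches the log.
    """
    if attempted in known_users:
        return f"Failed login attempt by {attempted}"
    return f"Failed login attempt by IP {client_ip}"


def log_attempts(attempts: Iterable[tuple[str, str]]) -> list[str]:
    """Map (attempted_username, client_ip) pairs to the log lines to emit."""
    return [failed_login_message(user, ip) for user, ip in attempts]


if __name__ == "__main__":
    # Constructed sample attempts, including the typo case from the question.
    sample = [
        ("qntmfred", "123.45.67.89"),
        ("qntmfredmypassword", "123.45.67.89"),
        ("nobody", "10.0.0.7"),
    ]
    for line in log_attempts(sample):
        print(line)
```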