[Koha-bugs] [Bug 21190] New: GDPR: Log successful/unsuccessful login attempts

Thu Aug 9 15:30:46 CEST 2018

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21190

            Bug ID: 21190
           Summary: GDPR: Log successful/unsuccessful login attempts
 Change sponsored?: ---
           Product: Koha
           Version: unspecified
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5 - low
         Component: Authentication
          Assignee: koha-bugs at lists.koha-community.org
          Reporter: vfernandes at keep.pt
        QA Contact: testopia at bugs.koha-community.org
                CC: dpavlin at rot13.org

Under the auspices of the recently issued European legislation regarding data
privacy (GDPR), the Portuguese government has issued a series of mandatory
requirements, as well as general recommendations, for software applications
that are implemented under the umbrella of public bodies (RCM 41/2018).

Since Koha is mostly used by municipalities and universities in Portugal, some
of these mandatory requirements need to be address by Koha implementers in
Portugal.

We believe that this requirement is also useful for the community at large.
Here’s a description of the requirement.

*** Requirement description ***

The application MUST log successful and unsuccessful authentication operations. 
This is useful, for example, to detect that a user account is being hacked.

*** Scope ***

Applies in all cases.

-- 
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.