Hi, my name is David Carr and I'm a PHP Developer.


Blog Archives Categories Authors About Me Open Source Books Contact Me

Sponsor Me

Help support the blog so that I can continue creating new content!

My Latest Book

Laravel: The Modular way

Learn how to build modular applications with Laravel Find out more

Laravel Limit Login Attempts

Laravel Framework | PHP & MySQL | Tutorials

David Carr

Laravel Limit Login Attempts

When using Laravel's Login system for authentication it has a default of 5 failed login attempts and a lockout time for 1 minute. I previously documented how to override this in Laravel earlier versions of Laravel add login throttling with custom login controller This however no longer works on Laravel 5.6 instead you can set public properties to set the maxAttempts and decayMinutes.

Put these in your LoginController:

/**
 * Set how many failed logins are allowed before being locked out.
 */
public $maxAttempts = 1;

/**
 * Set how many seconds a lockout will last.
 */
public $decayMinutes = 30;

The above would set the login attempts to be set at 1 and a lockout for 30 minutes.

Copyright © 2009 - 2022 David Carr. All code MIT license. All rights reserved.