The AuthTime property value specifies the maximum number of user authentication attempts that are permitted until the server terminates the client connection. A value of zero specifies the default value of 60 seconds. If the value is non-zero, the minimum value is 20 seconds and the maximum value is 300 seconds (5 minutes). This value is used to ensure that a client has successfully authenticated itself within a limited period of time. This prevents a potential denial-of-service attack against the server where clients establish connections and hold them open without authentication. In conjunction with the AuthFail property, this also limits the ability of a client to attempt to probe the server for valid username and password combinations.
Copyright © 2019 Catalyst Development Corporation. All rights reserved.