[GH-ISSUE #209] request: better auth-fail recovery #1108

New issue

Open

opened 2026-03-14 00:18:27 +03:00 by kerem · 2 comments

kerem commented

2026-03-14 00:18:27 +03:00

Owner

Originally created by @r2evans on GitHub (Sep 7, 2017).
Original GitHub issue: https://github.com/aluxnimm/outlookcaldavsynchronizer/issues/209

A co-worker recently updated their domain password but not the password stored in this. It tried (and obviously was unable to successfully connect), and then repeatedly tried again for days. By this time, of course, his IP was locked out due to the brute-force perceived by the CALDAV server. (Side-effect: because of the nature of the network and proxy, it also locked out the rest of the office, but that's another issue :-)

He reports no notification that it was failing.

Would it be possible for the sync to behave a little differently on auth fail? For instance, once the auth fails, then disable auto-sync until the user either (a) manually syncs successfully, or (b) reselects auto-sync.

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

Originally created by @r2evans on GitHub (Sep 7, 2017). Original GitHub issue: https://github.com/aluxnimm/outlookcaldavsynchronizer/issues/209 A co-worker recently updated their domain password but not the password stored in this. It tried (and obviously was unable to successfully connect), and then repeatedly tried again for days. By this time, of course, his IP was locked out due to the brute-force perceived by the CALDAV server. (Side-effect: because of the nature of the network and proxy, it also locked out the rest of the office, but that's another issue :-) He reports no notification that it was failing. Would it be possible for the sync to behave a little differently on auth fail? For instance, once the auth fails, then disable auto-sync until the user either (a) manually syncs successfully, or (b) reselects auto-sync. <bountysource-plugin> --- Want to back this issue? **[Post a bounty on it!](https://www.bountysource.com/issues/49095254-request-better-auth-fail-recovery?utm_campaign=plugin&utm_content=tracker%2F20017320&utm_medium=issues&utm_source=github)** We accept bounties via [Bountysource](https://www.bountysource.com/?utm_campaign=plugin&utm_content=tracker%2F20017320&utm_medium=issues&utm_source=github). </bountysource-plugin>

kerem commented

2026-03-14 00:18:33 +03:00

Author

Owner

@aluxnimm commented on GitHub (Sep 9, 2017):

Do you have a central LDAP or AD account and use an IMAP mail account in Outlook with the same username? Then you could just use the account password instead of manually entering it for the sync profile and it will stay in sync with the outlook mail password.

@aluxnimm commented on GitHub (Sep 9, 2017): Do you have a central LDAP or AD account and use an IMAP mail account in Outlook with the same username? Then you could just use the account password instead of manually entering it for the sync profile and it will stay in sync with the outlook mail password.

kerem commented

2026-03-14 00:18:38 +03:00

Author

Owner

@r2evans commented on GitHub (Sep 9, 2017):

The caldav account is different than the IMAP account (different servers/domains). That would be convenient, but unfortunately not shared. (I could of course recommend that he keep the two passwords in sync to enjoy that benefit, but that goes against some security best-practices ...)

@r2evans commented on GitHub (Sep 9, 2017): The caldav account is different than the IMAP account (different servers/domains). That would be convenient, but unfortunately not shared. (I could of course recommend that he keep the two passwords in sync to enjoy that benefit, but that goes against some security best-practices ...)