Brute force attack ¶

phpMyAdmin on its own does not rate limit authentication attempts in any way. This is caused by need to work in stateless environment, where there is no way to protect against such kind of things.

To mitigate this, you can use Captcha or utilize external tools such as fail2ban, this is more details described in Securing your phpMyAdmin installation.