diff --git a/authentik/sources/ldap/auth.py b/authentik/sources/ldap/auth.py
index 0d052a42a..7b8233c7f 100644
--- a/authentik/sources/ldap/auth.py
+++ b/authentik/sources/ldap/auth.py
@@ -7,7 +7,7 @@ from structlog.stdlib import get_logger
 from authentik.core.auth import InbuiltBackend
 from authentik.core.models import User
-from authentik.sources.ldap.models import LDAPSource
+from authentik.sources.ldap.models import LDAP_TIMEOUT, LDAPSource
 LOGGER = get_logger()
 LDAP_DISTINGUISHED_NAME = "distinguishedName"
@@ -62,6 +62,7 @@ class LDAPBackend(InbuiltBackend):
 user=user.attributes.get(LDAP_DISTINGUISHED_NAME),
 password=password,
 raise_exceptions=True,
+ receive_timeout=LDAP_TIMEOUT,
 )
 temp_connection.bind()
 return user
diff --git a/authentik/sources/ldap/models.py b/authentik/sources/ldap/models.py
index fb83adf98..c5a6c123a 100644
--- a/authentik/sources/ldap/models.py
+++ b/authentik/sources/ldap/models.py
@@ -9,6 +9,8 @@ from rest_framework.serializers import Serializer
 from authentik.core.models import Group, PropertyMapping, Source
 from authentik.lib.models import DomainlessURLValidator
+LDAP_TIMEOUT = 15
+
 class LDAPSource(Source):
 """Federate LDAP Directory with authentik, or create new accounts in LDAP."""
@@ -86,12 +88,13 @@ class LDAPSource(Source):
 def connection(self) -> Connection:
 """Get a fully connected and bound LDAP Connection"""
 if not self._connection:
- server = Server(self.server_uri, get_info=ALL)
+ server = Server(self.server_uri, get_info=ALL, connect_timeout=LDAP_TIMEOUT)
 self._connection = Connection(
 server,
 raise_exceptions=True,
 user=self.bind_cn,
 password=self.bind_password,
+ receive_timeout=LDAP_TIMEOUT,
 )
 self._connection.bind()
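Review bot: The temporary connection that verifies the user's password in `LDAPBackend` is bound and then abandoned at `return user` without an `unbind()`, so each password check presumably leaves a socket open until the object is garbage collected. The new `receive_timeout` bounds a stalled read but not that lifetime, which matters when many login attempts arrive at once. Consider releasing it explicitly, e.g. `temp_connection.unbind()` in a `finally:` around the bind. The enclosing method starts and ends outside the hunk, so also confirm that a timeout raised under `raise_exceptions=True` is caught there, logged distinctly from bad credentials, and treated as a failed login.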
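Review bot: `LDAP_TIMEOUT = 15` in models.py is introduced without a comment giving its unit or scope, and it is hard-coded. ldap3 takes both `connect_timeout` and `receive_timeout` in seconds, so a comment such as `# Seconds; used as both the connect and the receive timeout for every LDAP connection` would document it. Because the same value also bounds reads on the cached source connection, a slow directory could presumably trip it during large searches, so making it configurable may be worth considering.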
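Review bot: In `LDAPSource.connection`, `self._connection` is assigned before `self._connection.bind()` runs, so if the bind raises (more likely now that timeouts apply under `raise_exceptions=True`) the unbound `Connection` stays cached. The `if not self._connection:` guard would then presumably skip rebinding on the next access and hand callers a connection that never authenticated as `bind_cn`. Binding a local first avoids this: `conn = Connection(...)`, `conn.bind()`, then `self._connection = conn`. The rest of the property is outside the hunk, so confirm how it returns and whether callers reset `_connection` after an error.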