-
## Quest
Add additional constraints for passwords (e.g., minimum length, inclusion of special characters, etc.).
[Video Brute-Force Konbini](https://www.youtube.com/watch?v=YI-6nZFxwNg)
![image…
-
### Description
[CWE-307: Improper Restriction of Excessive Authentication Attempts](https://cwe.mitre.org/data/definitions/307.html)
An attacker can easily utilize `Plogin` to ***Brute Force*** a v…
-
Currently in the sign up and sign in forms, there are no validations performed to ensure that the created passwords are strong enough.
Maybe add some validations using zod both in client side and t…
-
We should prevent brute-forcing of passwords by locking the affected account or/and the requester ip after a certain threshold of failed login attempts.
-
### keypoints:
- FTP brute-force
`hydra -C /usr/share/seclists/Passwords/Default-Credentials/ftp-betterdefaultpasslist.txt ftp://192.168.243.183`
- [PE] PwnKit Vulnerability (CVE-2021–4034) --…
-
I love the CertificatePasswordRecovery tool, but I think it could be further enhanced. I am trying a brute force on a PFX file but I want to avoid trying passwords less than 6 characters, but there is…
-
monero-wallet-cli and monero-wallet-rpc both have a --kdf-rounds parameter and default to running the wallet password through a computationally intensive hash function, which greatly increases the tim…
-
I put everything but once i execute i get this:
```
#] Starting the brute force... …
-
STR:
1. Navigate to the URL.
2. Click the registration button
3. Fill in the password fields with valid data
Actual results
- the password field does not accept special characters
Expected results
-…
-
[How to file a helpful issue](https://www.qubes-os.org/doc/issue-tracking/)
### The problem you're addressing (if any)
Qubes OS does not support dictionary attack protection for the LUKS passphr…