friedhof / sportchef

Sports Competition Management Software
https://www.sportchef.ch/
GNU Affero General Public License v3.0

Change challenge complexity based on failed logins #243 #262

Closed 1tchy closed 8 years ago

1tchy commented 8 years ago

Normally when a user logs in, he now has to type only 5 characters. This still leaves 916132832 possibilities. However, if someone tries to hack the server (requests many challenges), the length of the generated challenges increases to up to 10 characters (8.39E17 possibilities). Furthermore, all challenges (and so also the 5-character-long ones) no longer work after 10 tries. So an attack on the first few short challenges does not work either. This solves issue #243.
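
A minimal sketch of the scheme described in the comment above, added here as an illustration and not taken from the pull request or SportChef's code base. The class and function names, the 62-symbol alphabet (chosen because 62^5 = 916132832) and the rule of one extra character per three unanswered challenges are assumptions.

```python
import hmac
import secrets
import string

ALPHABET = string.ascii_letters + string.digits  # assumed: 62 symbols, 62**5 == 916132832
MIN_LEN, MAX_LEN = 5, 10   # challenge length range from the comment
MAX_TRIES = 10             # every challenge stops working after 10 tries
STEP = 3                   # assumed scaling: +1 character per 3 unanswered challenges


def guess_odds(length):
    """Chance that MAX_TRIES blind guesses hit one challenge of this length."""
    return MAX_TRIES / len(ALPHABET) ** length


class ChallengeStore:
    """Hypothetical in-memory store for login challenges."""

    def __init__(self):
        self._open = {}       # user -> [challenge, tries_left]
        self._unanswered = 0  # requested but never solved: the pressure signal

    def length(self):
        # Grow from MIN_LEN towards MAX_LEN as unanswered requests pile up.
        return min(MAX_LEN, MIN_LEN + self._unanswered // STEP)

    def request(self, user):
        # A new request replaces the user's old challenge, so requesting again
        # resets the try counter but is paid for with a longer challenge.
        challenge = "".join(secrets.choice(ALPHABET) for _ in range(self.length()))
        self._open[user] = [challenge, MAX_TRIES]
        self._unanswered += 1
        return challenge

    def verify(self, user, guess):
        entry = self._open.get(user)
        if entry is None:
            return False
        entry[1] -= 1
        ok = hmac.compare_digest(entry[0].encode(), guess.encode())
        if ok or entry[1] == 0:
            del self._open[user]  # single use, and dead after MAX_TRIES guesses
        if ok:
            self._unanswered = max(0, self._unanswered - 1)
        return ok
```

With these numbers, ten guesses against a 5-character challenge succeed with probability of about 1.1E-8, and against a 10-character one about 1.2E-17.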

coveralls commented 8 years ago

Coverage increased (+0.02%) to 83.835% when pulling d5afc51d79ea8885ec479b8ac15b7edba25dabfb on 1tchy:develop into 19c399daf585fedd6257c0212496c9da22554f86 on McPringle:develop.

McPringle commented 8 years ago

Thank you very much for your work on SportChef, @1tchy. If you would like to be added to the contributors section of the pom.xml file, please send me your real name by mail, Threema (M36HU8SN) or Wickr (McPringle).