I think it would be nice to have a fogot password throttle available out of the box (like login). Currently this can be used to brute force information gain about registered email addresses. Combined with extensive rainbowtables with password combinations and (lazy users) out there this can lead to compromised accounts.
Hey all,
I think it would be nice to have a fogot password throttle available out of the box (like login). Currently this can be used to brute force information gain about registered email addresses. Combined with extensive rainbowtables with password combinations and (lazy users) out there this can lead to compromised accounts.