surfingdmx
commented
5 years ago See following links/packages:
Open surfingdmx opened 5 years ago
surfingdmx
commented
5 years ago See following links/packages:
If someone evil tries to brute force a login, there should be at least one countermeasure. For instance, it could be possible to block the user temporarily, or to introduce a captcha after a certain number of failed attempts. It is also possible to introduce a short delay on login attempts (maybe about 500ms) to slow down a brute force attacker. If a user authenticates successfully, he/she should see a number of failed attempts since the last successful login.