Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
Bikonja23837yA human will barely notice a 1 second delay while a brute force attack relies on thousands of attempts within that second and will therefore be severely hindered by the delay.
-
b3b340657yI totally understand that but in case a user wants to login and his account is being brute forced at the same time he can't login :/ nah whatever I'll just do it like that :)
-
tiledcode457yMaybe block the account and send a mail with a simple re-activation link to the account owner
-
When a user has entered their password wrong for mostly 3-5 times, their account gets blocked and they need to click on an unblock link. In order to get access again (sent through email).
Related Rants
What are you guys doing against brute force attacks on your login webpages? I don't want anybody to access my porn ( ͡° ͜ʖ ͡°). But I don't want to block the useraccount because that would be annoying because you could simple lock a user out of his account :/ any suggestions? What are you doing on your sites?
undefined
porn!
my
nobody
accesses