Message6004
Hi John,
briefly checking the issue, I agree that it is an area that should be
improved.
As for using reCAPTCHA, there is an additional drawback that an external
connection is made which loses some information to the contacted server
and used network nodes.
So I'd prefer other solutions.
Slowing down fast login-attempts seems the best to me.
Also adding some sort of captca or text-cha in case of several failed
login-attempts.
Another possible improvement could be to display the last login attempts,
so that a user may notice that an attack on her account is in progress.
The most effective counter measure would probably by logging failed attempts
and monitoring the log files and network logs for active intrusion attempts. |
|
| Date |
User |
Action |
Args |
| 2017-08-25 07:26:49 | ber | set | messageid: <1503646009.06.0.878221919829.issue2550949@psf.upfronthosting.co.za> |
| 2017-08-25 07:26:49 | ber | set | recipients:
+ ber, rouilj |
| 2017-08-25 07:26:48 | ber | link | issue2550949 messages |
| 2017-08-25 07:26:47 | ber | create | |
|