Brute force protection

@memes

  • chraebsli@programming.dev
    link
    fedilink
    arrow-up
    3
    ·
    8 months ago

    You can’t really prevent a brute force attack. Even if you prevent it from one IP or so, you can still do “distributed” brute force attacks.

    Also only allowing one password per 5 seconds or so per IP will not work if you have lots of users and they are at work and have the same IP.