Memes

45550 readers

1283 users here now

Rules:

Be civil and nice.
Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago

MODERATORS

[email protected]

1018

Brute force protection (rytter.me)

submitted 7 months ago by [email protected] to c/[email protected]

111 comments fedilink hide all child comments

Brute force protection

@memes

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 1 points 7 months ago (2 children)

How does that stop a brute force attack? As written, it only stops the single luckiest brute force attack that happens to get the password right on their first try.

[–] [email protected] 3 points 7 months ago

You can't really prevent a brute force attack. Even if you prevent it from one IP or so, you can still do "distributed" brute force attacks.

Also only allowing one password per 5 seconds or so per IP will not work if you have lots of users and they are at work and have the same IP.

[–] [email protected] 1 points 7 months ago

It wouldn't stop most brute force attacks, which are not performed on the live web service, but rather on a password hasb list that was stolen via some other means.