-
Feature
-
Resolution: Won't Do
-
Major
-
None
-
None
We should consider adding behavior that will either throttle a Users Login attempts. Failed login attempts make you wait an x amount of time exponentially before you next login attempt. Example 2, 4, 8, 16, 32, etc...
Or at least implement a 3 strikes you're out policy until either you're account is re-activated by an admin or a certain amount of time passes.
Please see the following link for more explanation.
http://www.codinghorror.com/blog/archives/001206.html
Or at least implement a 3 strikes you're out policy until either you're account is re-activated by an admin or a certain amount of time passes.
Please see the following link for more explanation.
http://www.codinghorror.com/blog/archives/001206.html
