Revo 34 Report post Posted January 18, 2017 implement automatic temporary bans (10minutes) if an accounts password was entered wrong 10 times within 10 minutes. 0 Share this post Link to post Share on other sites
Mimma 10 Report post Posted January 18, 2017 Good suggestion, but should be after 3 times already. 0 Share this post Link to post Share on other sites
Revo 34 Report post Posted January 18, 2017 28 minutes ago, Mimma said: Good suggestion, but should be after 3 times already. why? brute force tries many thousands of passwords to get into an account, so temp banning after 3 or 10 does not really make a difference to it. on the other hand, ppl tend to forget or misstype their password 3 or more times very frequently, so banning them after 3 failed attemps will cause them a lot more trouble. 5+ sounds reasonable 0 Share this post Link to post Share on other sites
Mimma 10 Report post Posted January 18, 2017 Not banning, just delaying attempts by - say - 10 minutes. Just as you suggest :-) 0 Share this post Link to post Share on other sites
