this post was submitted on 13 Mar 2024
1002 points (97.2% liked)

Brute force protection

@memes

[–] [email protected] 178 points 7 months ago (13 children)

It's not quite complete without code on the password reset page to tell you that you can't reuse your password.

[–] kryptonianCodeMonkey 130 points 7 months ago (9 children)

And label the text box "username" when it only accepts email address.

[–] helpImTrappedOnline 61 points 7 months ago (2 children)

Don't forget to have hidden password requirements and secretly truncate any password longer than 12 characters.

[–] kautau 31 points 7 months ago

Well yeah, if you don’t truncate the password to 12 chars how will you fit the plaintext in a memory efficient fixed latin1 CHAR column that only accepts letters, numbers, and underscores

/s

[–] Buddahriffic 3 points 7 months ago (1 children)

Battle.net used to not be case-sensitive for passwords, back in like the pre-wow era.

[–] helpImTrappedOnline 1 points 7 months ago

Interesting. At least they got their act together, even making a physical totp authenticator in the 2000s.
