this post was submitted on 13 Mar 2024
1004 points (96.9% liked)

Memes

45740 readers
1244 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
gary_host_laptop@lemmy.ml
sexy_peach@feddit.de
cyclohexane@lemmy.ml
cypherpunks@lemmy.ml
1004
Brute force protection (rytter.me)
submitted 8 months ago by anders@rytter.me to c/memes@lemmy.ml
108 comments fedilink hide all child comments
 

Brute force protection

@memes

you are viewing a single comment's thread
view the rest of the comments
[–] TORFdot0@lemmy.world 27 points 8 months ago (5 children)

If they had the password right the first try, that isn't a brute force attack, thats a credential leak.

[–] winterayars@sh.itjust.works 16 points 8 months ago

It should be that it rejects the password the first time it's entered correctly but accepts it on every subsequent try. That actually would provide some protection against like dictionary attacks and raw brute force attacks.

[–] UnrepententProcrastinator@lemmy.ca 16 points 8 months ago

I think the author attempted first time login to be with the right password.

[–] iAvicenna@lemmy.world 8 points 8 months ago

could also work in a brute force scenario, but first attempt would be not first attempt in a set amount of time but first attempt for each password by the user in a fixed amount of time

[–] jjagaimo@lemmy.ca 3 points 8 months ago

Don't trust anyone - not even yourself