Y
Hacker News
new
|
ask
|
show
|
jobs
by
Sohcahtoa82
2944 days ago
You can lock a user out of their account by spamming the server with login attempts.
1 comments
jsmeaton
2944 days ago
Yes. In this case the denial of service is against specific customer accounts for the lockout duration, not against the availability of the site.
link
jessaustin
2944 days ago
This would be bad, but what's the motivation? What fabulous prizes await the DOSer of some random account on your service?
link
jsmeaton
2939 days ago
Locking users out of their accounts isn’t the goal, it’s just an unfortunate side effect.
link