|
|
|
|
|
|
by lesuorac
253 days ago
|
|
|
> 1. Browser fingerprinting or ip bans. They used advanced fingerprint-shifting browsers and residential proxy ips. Don't you typically use that for valid users? As-in, you allow access when the fingerpint matches their existing fingerprint and when it doesn't you require additional information to be presented (i.e. security code). So if somebody shifts their ip around they end up needing more information than just user+pass to login but somebody that doesn't (i.e. a normal person at home) does have the easy way to login. |
|
|