Y
Hacker News
new
|
ask
|
show
|
jobs
by
nx
6285 days ago
Yes, that's
the
best way to prevent account hijacking, in my opinion. Or block the IP for 30 minutes after 5 failed logins, that renders any dictionary attack terribly inefficient.
1 comments
eru
6285 days ago
Better to switch to a captcha. Banning might provoke DoS attacks.
link