Quote:
Originally Posted by raymor
Think mafia man - you just pointed out that the last guy who thought it was easy is actually
clueless. But then you think YOU have the easy and secure solution ...
5 failed attempts, you say? Never heard of a proxy list? Seriously there's a reason Strongbox
has over 7,000 lines of code - because all of the 5 minute "solutions" are as worthless as
you showed the IP-cookie to be.
|
What are the chances of guessing the correct password in 5 attempts.
Practically zero amigo. If they have the correct password then that's the customers fault and he should be warned.
7,000 lines for authentication sounds like a lot of bloat.
Banks don't use all this kind of crap, you can detect some proxys (
http://proxybl.org/), you can blanket ban most proxy lists, ask for random digits of a password etc.
Not rocket science most websites cope fine.