no, since it first checks if the password is correct. if it is, display error message. if it is corrent and the second time, accept the password (code not in screenshot) but if the password is wrong, it doesnt check if it is the first attempt.
IT enthusiast & web developer from Switzerland
no, since it first checks if the password is correct. if it is, display error message. if it is corrent and the second time, accept the password (code not in screenshot) but if the password is wrong, it doesnt check if it is the first attempt.
i will never hear “alpha male” the same from now on.
but you are right!😂
Great idea for when you start in IT! Always had trouble first year in my apprenticeship when i had accidentally opened vim. Ask for first time and after 2 months not used.
Did someone already open a pull request?
You can’t really prevent a brute force attack. Even if you prevent it from one IP or so, you can still do “distributed” brute force attacks.
Also only allowing one password per 5 seconds or so per IP will not work if you have lots of users and they are at work and have the same IP.