We should have some sort of throttling mechanism to prevent brute-force login attempts. It should log the times of login attempts and lock the account if there are too many failed attempts in a given time period. It should also introduce a delay in processing as the number of failed attempts increases.
We should have some sort of throttling mechanism to prevent brute-force login attempts. It should log the times of login attempts and lock the account if there are too many failed attempts in a given time period. It should also introduce a delay in processing as the number of failed attempts increases.