Comment by joshspankit
3 years ago
How about genuinely-long delays between login attempts? 5 seconds slows down a bot, 15-30 seconds could make many login attacks unrealistic.
Also: OTP 2FA?
3 years ago
How about genuinely-long delays between login attempts? 5 seconds slows down a bot, 15-30 seconds could make many login attacks unrealistic.
Also: OTP 2FA?
It’s not easy to tell two login attempts are from one bot. This kind of workaround unfortunately doesn’t work in practice. Otherwise of course this whole problem wouldn’t exist.
Why would you have to tell if they’re from one bot?
Because you want to have delays between bot login attempts?
6 replies →