← Back to context Comment by tinus_hn 3 years ago So now in the case of a bot attack no one can login. That doesn’t work. 4 comments tinus_hn Reply joshspankit 3 years ago What do you mean? tinus_hn 3 years ago If you block all logins for 5 seconds after a bot attempts to login, and the bot attempts to login 50 times per second, no one will be able to login. joshspankit 3 years ago I understand the confusion now.No I mean when a specific user has a failed login attempt that user has to wait 5-30 seconds before being able to try again. A legitimate user would only be affected if a bot is trying to log in as them. 1 reply →
joshspankit 3 years ago What do you mean? tinus_hn 3 years ago If you block all logins for 5 seconds after a bot attempts to login, and the bot attempts to login 50 times per second, no one will be able to login. joshspankit 3 years ago I understand the confusion now.No I mean when a specific user has a failed login attempt that user has to wait 5-30 seconds before being able to try again. A legitimate user would only be affected if a bot is trying to log in as them. 1 reply →
tinus_hn 3 years ago If you block all logins for 5 seconds after a bot attempts to login, and the bot attempts to login 50 times per second, no one will be able to login. joshspankit 3 years ago I understand the confusion now.No I mean when a specific user has a failed login attempt that user has to wait 5-30 seconds before being able to try again. A legitimate user would only be affected if a bot is trying to log in as them. 1 reply →
joshspankit 3 years ago I understand the confusion now.No I mean when a specific user has a failed login attempt that user has to wait 5-30 seconds before being able to try again. A legitimate user would only be affected if a bot is trying to log in as them. 1 reply →
What do you mean?
If you block all logins for 5 seconds after a bot attempts to login, and the bot attempts to login 50 times per second, no one will be able to login.
I understand the confusion now.
No I mean when a specific user has a failed login attempt that user has to wait 5-30 seconds before being able to try again. A legitimate user would only be affected if a bot is trying to log in as them.
1 reply →