Login attempts

Mynt	#16172 18.08.2009 07:45
Donator Thanked: 1 раз	# robofreak111 : you should not be able to loging for 15 minutes after you type the wrong password/username X times. this would cut down on people guessing passwords. I got the idea from other CMS's. The only problem I see with this is your login attempts are not stored server side. Everything is tracked via a timestamp. Firebug, allows people to change the server time render for scripts. If I lock myself out of VBulletin, thats how I get another 5 login attempts. But at the same time, it is a good deterent. "I only sleep when I know I won't miss a thing."

Mynt

#16172 18.08.2009 07:45

# robofreak111 : you should not be able to loging for 15 minutes after you type the wrong password/username X times. this would cut down on people guessing passwords.

I got the idea from other CMS's.

The only problem I see with this is your login attempts are not stored server side. Everything is tracked via a timestamp. Firebug, allows people to change the server time render for scripts. If I lock myself out of VBulletin, thats how I get another 5 login attempts. But at the same time, it is a good deterent.

"I only sleep when I know I won't miss a thing."