Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
im3w1l
on April 1, 2015
|
parent
|
context
|
favorite
| on:
Enough with the Salts: Updates on Secure Password ...
A site I know allows 5 login attempts per hour. That seems plenty for legitimate purposes. I've never heard anyone complain.
warmwaffles
on April 1, 2015
[–]
But it doesn't matter if they keep hitting their service with a list of known emails and then sending bogus passwords, 5 times per email per host.
im3w1l
on April 9, 2015
|
parent
[–]
Sorry for late reply. It was 5 attempts per hour per ip. Not per email.
Join us for
AI Startup School
this June 16-17 in San Francisco!
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
