You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tapestry.apache.org by Apache Wiki <wi...@apache.org> on 2009/02/12 15:15:32 UTC

[Tapestry Wiki] Update of "Tapestry5HowToMitigateLoginAttacks" by Peter Stavrinides

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tapestry Wiki" for change notification.

The following page has been changed by Peter Stavrinides:
http://wiki.apache.org/tapestry/Tapestry5HowToMitigateLoginAttacks

------------------------------------------------------------------------------
+ ## page was renamed from Tapestry5HowToMitigatingLoginAttacks
  = How To Mitigate Login Attacks =
  
  Brute force and dictionary attacks use recursive attempts to guess passwords. One of the most effective approaches to mitigate this is to implement a delay between login attempts, which effectively slows down these scripts just enough to render them useless. The problem with implementing 'account lockout' as an alternative is that its open for abuse, and also may create some administrative overhead. This short article uses a simplified example  to illustrate this  principle.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
For additional commands, e-mail: dev-help@tapestry.apache.org