You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tapestry.apache.org by Apache Wiki <wi...@apache.org> on 2009/02/12 15:15:32 UTC
[Tapestry Wiki] Update of "Tapestry5HowToMitigateLoginAttacks" by Peter
Stavrinides
Dear Wiki user,
You have subscribed to a wiki page or wiki category on "Tapestry Wiki" for change notification.
The following page has been changed by Peter Stavrinides:
http://wiki.apache.org/tapestry/Tapestry5HowToMitigateLoginAttacks
------------------------------------------------------------------------------
+ ## page was renamed from Tapestry5HowToMitigatingLoginAttacks
= How To Mitigate Login Attacks =
Brute force and dictionary attacks use recursive attempts to guess passwords. One of the most effective approaches to mitigate this is to implement a delay between login attempts, which effectively slows down these scripts just enough to render them useless. The problem with implementing 'account lockout' as an alternative is that its open for abuse, and also may create some administrative overhead. This short article uses a simplified example to illustrate this principle.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
For additional commands, e-mail: dev-help@tapestry.apache.org