One way to mitigate brute force attacks is to exponentially add a delay before a user can try to log in again, which is not supported by this gem so far.
There should be a configurable option which allows one to specify:
- how many requests can be performed without any wait delay (example: the first 5 attempts are free of any retry delay, which will avoid annoying most users)
- a linear or exponential factor to calculate the delay, or a method that would allow one to customize the delay
A flash message explaining to the user that he has reached a certain number of failed login attempts and has to wait for N seconds/minutes/hours before retrying should be added too.
This feature would be based on the failed_attempts value in order to calculate the delay to wait.
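A sketch of the delay calculation requested above, as an added example that is not part of the original issue and not the gem's code. The class name `LoginBackoff` and its options (`free_attempts`, `base_delay`, `max_delay`, `strategy`) are hypothetical; only `failed_attempts` comes from the issue, and the cap on the delay is an added assumption.

```ruby
# Added example, not the gem's code. Class and option names are hypothetical;
# only failed_attempts comes from the issue text.
class LoginBackoff
  STRATEGIES = {
    linear:      ->(n, base) { base * n },
    # Exponent is clamped so a huge counter cannot build an enormous integer.
    exponential: ->(n, base) { base * (2**[n - 1, 32].min) }
  }.freeze

  def initialize(free_attempts: 5, base_delay: 2, max_delay: 3600, strategy: :exponential)
    @free_attempts = free_attempts
    @base_delay = base_delay
    @max_delay = max_delay
    # A callable lets the application supply its own delay curve.
    @strategy = strategy.respond_to?(:call) ? strategy : STRATEGIES.fetch(strategy)
  end

  # Seconds to wait after this many consecutive failures (0 while attempts are free).
  def delay_for(failed_attempts)
    over = failed_attempts - @free_attempts
    return 0 if over <= 0
    [@strategy.call(over, @base_delay), @max_delay].min
  end

  # Seconds still to wait, measured from the time of the last failure.
  def remaining(failed_attempts, last_failed_at, now: Time.now)
    wait = delay_for(failed_attempts) - (now - last_failed_at)
    wait.positive? ? wait.ceil : 0
  end

  # Flash text for the user, or nil when a retry is allowed.
  def message(failed_attempts, last_failed_at, now: Time.now)
    secs = remaining(failed_attempts, last_failed_at, now: now)
    return nil if secs.zero?
    "Too many failed login attempts. Please wait #{humanize(secs)} before retrying."
  end

  private

  def humanize(secs)
    n, unit = if secs < 60 then [secs, "second"]
              elsif secs < 3600 then [(secs / 60.0).ceil, "minute"]
              else [(secs / 3600.0).ceil, "hour"]
              end
    "#{n} #{unit}#{'s' unless n == 1}"
  end
end
```

The `remaining` check belongs before the submitted password is compared, so that guesses sent during the wait are rejected without being evaluated.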