Other Security Mitigations and Tips
Handling of unsuccessful login attempts
Proper handling of unsuccessful login attempts would help lower the risk of attacks through password guessing. Some common practices include temporary suspension of user account or access right, and a longer waiting time before the user is allowed to retry, upon a predefined number of unsuccessful login attempts.
|