Memes

45779 readers

1946 users here now

Rules:

Be civil and nice.
Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago

MODERATORS

gary_host_laptop@lemmy.ml

sexy_peach@feddit.de

cyclohexane@lemmy.ml

cypherpunks@lemmy.ml

1011

Brute force protection (rytter.me)

submitted 8 months ago by anders@rytter.me to c/memes@lemmy.ml

111 comments fedilink hide all child comments

Brute force protection

@memes

you are viewing a single comment's thread
view the rest of the comments

[–] pearsaltchocolatebar@discuss.online 185 points 8 months ago (13 children)

It's not quite complete without code on the password reset page to tell you that you can't reuse your password.

[–] kryptonianCodeMonkey@lemmy.world 130 points 8 months ago (9 children)

And label the text box "username" when it only accepts email address.

[–] gravitas_deficiency@sh.itjust.works 13 points 8 months ago* (last edited 8 months ago) (1 children)

And then validate the email with a custom regex that definitely doesn’t account for all the valid syntax permutations defined by the several email-oriented RFCs

[–] MoonMelon@lemmy.ml 3 points 8 months ago

Only on mobile though, on desktop have different criteria. Perhaps give the text box an arbitrary max length of like 30 characters on sign-in but not on account creation.

load more comments (7 replies)

load more comments (10 replies)