For bruteforce you can do a few things. First, you should never save raw passwords to your database but rather save encrypted passwords using bcrypt or similar.
Then you can limit login tries, either on the server side using fail2ban and blacklisting IPs after failed login attempts, or by locking an account until the user is able to validate using another method of your choice.
__________________
Ditch traditional hosting and go cloud. I can help.
Contact: [email protected]
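
An added example, not part of the original post: a sketch of the two measures suggested above, storing only a salted password hash and locking an account after repeated failed logins until it is unlocked through another validation method. The standard library's scrypt stands in for bcrypt ("or similar"); the `LoginGuard` class, the threshold of 5 failures and the 15-minute window are assumptions made for illustration.

```python
import hashlib, hmac, os, time

MAX_FAILURES = 5       # assumed threshold, tune for your application
WINDOW_SECONDS = 900   # assumed window in which failures are counted

def hash_password(password, salt=None):
    """Return (salt, digest); only these are stored, never the password."""
    salt = salt or os.urandom(16)
    return salt, hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1)

# Hash compared against for unknown usernames, so they cost the same work.
DUMMY = hash_password("placeholder")

class LoginGuard:
    def __init__(self, clock=time.monotonic):
        self.users = {}      # username -> (salt, digest)
        self.failures = {}   # username -> timestamps of recent failures
        self.locked = set()  # accounts waiting for out-of-band validation
        self.clock = clock

    def register(self, username, password):
        self.users[username] = hash_password(password)

    def login(self, username, password):
        if username in self.locked:
            return "locked"          # even the correct password is refused
        salt, stored = self.users.get(username, DUMMY)
        _, candidate = hash_password(password, salt)
        # Constant-time comparison; unknown users always fail.
        if hmac.compare_digest(candidate, stored) and username in self.users:
            self.failures.pop(username, None)
            return "ok"
        now = self.clock()
        recent = [t for t in self.failures.get(username, [])
                  if now - t < WINDOW_SECONDS]
        recent.append(now)
        self.failures[username] = recent
        if len(recent) >= MAX_FAILURES:
            self.locked.add(username)
        return "denied"

    def unlock(self, username):
        """Call only after the user has validated through another method."""
        self.locked.discard(username)
        self.failures.pop(username, None)
```

In a real deployment the failure counters and lock state would live in the database or a shared cache rather than in process memory, so that they survive restarts and apply across all application servers.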