Better method of stopping bruteforcing?

Asked Jul 27 '12 at 17:12

Active Jul 27 '12 at 17:12

Viewed 63 times

Possible Duplicate:
How can I throttle user login attempts in PHP

I have a system that will automatically deny anyone access to login for fifteen minutes after they have failed three login attempts. I'm curious to know if there's a better method of stopping bruteforcing without having to use this system which can be a pain to my users?

Thanks.

edited May 23 '17 at 10:34

Community

asked Jul 27 '12 at 17:12

Eddy Freeman

3,207
6
35
55

Block IP - create a db table to store IP when failed attempt - After certain number of attempts show Captcha – TigerTiger Jul 27 '12 at 17:14
A captcha would work, but its also very annoying for real users! – craig1231 Jul 27 '12 at 17:15
2

See http://stackoverflow.com/questions/2090910/how-can-i-throttle-user-login-attempts-in-php – DaveP Jul 27 '12 at 17:16
@DaveP is right. The accepted answer to that question isn't actually the best, but there are good ones there. – egrunin Jul 27 '12 at 17:27

Better method of stopping bruteforcing?

0 Answers0