Block incorrect password guesses after 1000 attempts from the same IP address but allow every other attempt after the 2000th
combine that with Missing Controls
- weak password policies
- lack of two-factor authentication
For more Info:
http://www.hotforsecurity.com/blog/20-million-instagram-accounts-were-put-at-risk-through-sloppy-security-hole-13982.html
No comments:
Post a Comment