HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Search
-
Brute force password attack
I recently downloaded and installed Vanilla Forums on my laptop to test before I upload it to my website. During testing I noticed that there is no protection against brute force password attacks. The login system only blocks password attempts that are faster than 1 second (as far as I know). So if a hacker writes a script… -
Re: Brute force password attack
Thanks for your reply. The link you posted is very interesting. To be honest I still think the current login system is weak, because it can be attacked by a script that runs through thousands of common passwords. Some people use easy passwords and they use the same password for everything. So if a hacker gains a person’s…
2 results