Brute force protection

@memes

  • @gibmiser
    link
    1289 months ago

    As a non programmer, is the joke that humans will retype their password assuming that they made a typo?

    If so, sick indeed.

    • @[email protected]
      link
      fedilink
      English
      1019 months ago

      The guy coding made it so, on your first attempt, even if you answer correctly, it will tell you your login failed due to incorrect username or password, to joke about how it feels like you always get it wrong on the first try

      • @soloner
        link
        18
        edit-2
        9 months ago

        The logic is bugging me, though. It should be if isFirstAttempt || !isPasswordCorrect

        I understand the meme is trying to convey in spite of being correct to still return an error, but then it doesn’t account for when the password is actually incorrect.

        • @QuaternionsRock
          link
          45
          edit-2
          9 months ago

          That defeats the brute-force attack protection…

          The idea is that brute-force attackers will only check each password once, while real users will likely assume they mistyped and retype the same password.

          The code isn’t complete, and has nothing to do with actually incorrect passwords.

        • @reflectedodds
          link
          169 months ago

          Like the other person said, it’s not meant to always fail the first time you enter any password.

          It is meant to fail the first time you enter the correct password.

          • @[email protected]
            link
            fedilink
            19 months ago

            So it should be: if password == correct and first_success == true then { login failure; first_success = false }

            Something like that.

    • NutWrench
      link
      119 months ago

      I would assume that I was being phished and the attacker wanted me to re-type the password to verify that it’s correct.