Hacker News new | past | comments | ask | show | jobs | submit login

That's why an attacker will try three common passwords against every possible login name.



I doubt the IP ban is per account. Mine is a 5 failure within 1 hour rule, and if you get more than 4 of those ever you're perm-banned.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: