Preventing brute-force login attempts [closed]
问题 Closed . This question is opinion-based. It is not currently accepting answers. Want to improve this question? Update the question so it can be answered with facts and citations by editing this post. Closed 4 years ago . I want to prevent hackers to break into my users' accounts. It is often said that: The best approach it to lockout an account temporarily after x failed login attempts. I understand this and it seems like a good idea. Using IP for example is a very bad idea - there is at