No. of Recommendations: 0
After, say, the 5th time that you get the "invalid userid or password" message, you're actually being stopped by a "tried too many times" block but the message you get doesn't change.

I forgot to say: and the response time doesn't change pattern either. If it's been the same for the tries that were actually processed, it stays the same; if it's been changing in some pattern, it keeps the same pattern. The point is that there's no way for the hacker to tell.
Print the post  


When Life Gives You Lemons
We all have had hardships and made poor decisions. The important thing is how we respond and grow. Read the story of a Fool who started from nothing, and looks to gain everything.
Contact Us
Contact Customer Service and other Fool departments here.
Work for Fools?
Winner of the Washingtonian great places to work, and Glassdoor #1 Company to Work For 2015! Have access to all of TMF's online and email products for FREE, and be paid for your contributions to TMF! Click the link and start your Fool career.