But it doesn't matter if they keep hitting their service with a list of known em... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		warmwaffles on April 1, 2015 \| parent \| context \| favorite \| on: Enough with the Salts: Updates on Secure Password ... But it doesn't matter if they keep hitting their service with a list of known emails and then sending bogus passwords, 5 times per email per host.

im3w1l on April 9, 2015 [–]

Sorry for late reply. It was 5 attempts per hour per ip. Not per email.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact