[OWASP_PHPSEC] Dictionary Attack ?

Johanna Curiel johanna.curiel at owasp.org
Sun Jun 2 01:04:14 UTC 2013


account locks are necessary as a way to mitigate the use of brute force for logins

in which scenario will this be used, for example

an evil db admin who tries to decrypt passwords or brute force attacks on login attempt?

regards

Johanna




On 31 mei 2013, at 23:13, rahul chaudhary <rahul300chaudhary400 at gmail.com> wrote:

> HI...I am still searching for this, but I thought it would be faster if I ask it here.
> 
> Do you know any way to stop dictionary attacks. We can keep a list of dictionary words and see if user-supplied password matches any of them. But other than this, do you suggest anything?
> 
> -- 
> Regards,
> Rahul Chaudhary
> Ph - 412-519-9634
> _______________________________________________
> OWASP_PHP_Security_Project mailing list
> OWASP_PHP_Security_Project at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp_php_security_project


More information about the OWASP_PHP_Security_Project mailing list