View Single Post
04-16-2008, 09:43 PM
Join Date: Nov 2007
Well the function looks pretty secure and if you'd like to test for brute forcing or some thing of the like set up a table in the database with the following fields
So you can put together the things yourself, every time a person attempts a login you fetch the information from the database and cross reference the number of attempts against the time. if they tried 3 attempts within the last minute then ban them for a set ammount of time Vbulletin does it and it works quite well.
On the site I run with my friend I've set a cronjob to run a script to look at just how many failed attempts and bans the same IP address has had over the last week. to many and I just ban them from the system.
"What everyone seems to forget is that while knowledge certainly is something - it's the implementation of knowledge that brings power" - Andres Galindo.
View Public Profile
Send a private message to TlcAndres
Find More Posts by TlcAndres