Results 1 to 2 of 2

Thread: Throttling

  1. Jul 12th, 2012, 02:48 PM #1
    ctwise
    ctwise is offline Junior Member
    Join Date
    Jul 2010
    Posts
    3

    Default Throttling

    I want to be able to throttle token requests for invalid secrets to prevent brute forcing. Can anyone point me to a reference that describes how to go about that?
    Reply With Quote Reply With Quote
  2. Jul 16th, 2012, 01:14 AM #2
    Dave Syer
    Dave Syer is offline Senior Member
    Join Date
    Jun 2005
    Posts
    4,230

    Default

    One way (probably the most common and certainly the easiest to implement) to do it is to use a high entropy password encoder. BCrypt was basically designed for this use case.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules