This article talks about how to defeat dictionary login attacks. Interesting approach. I was thinking in the same lines as this one when trying to reason out another issue. What led me was the thought about why IE does not promt/remember userids and passwords in certain webpages for example, mail.yahoo.com.
Though I use the page several times in a day, IE's autocomplete does not promt or populate the login id text box. I am sure they might have implemented this or something similar to this.
But, this method is quite nifty.
Preventing Automated / Dictionary Login Attacks without the use of CAPTCHA
No comments:
Post a Comment