Quote:
Originally Posted by ladida
His server is "unbrutable" because the only combo that gets you in is something like "ksl#59basBZkvlmadA:Abj4090bBZ-biadfmkdf" most likelly, and that defies the purpose of the bruteforce, since if you ONLY had such logins in your user base, you wouldn't need strongbox (or any fancy brute protection systems like pennywize, frog ...). You could protect that with basic auth (where the speed of tries/sec goes considerably higher then when sending complete data through post) and it would never get bruted. So his challenge is stupid to begin with.
But we all know that users don't have such user/pass combos.
|
Nothing could be further from the truth. Geez, why does everyone who has
absolutely no clue what they are talking about feel the need to post as though
they do? Actually we set up the test server EXACTLY the same way as we
do any other site. The user names and passwords arer short, memorable
passswords generated from our publicly available tool that you can use even
without Strongbox. It's used many times per day by many webmasters.
Have you even bothered to browse our web site before making up total BS to post?
__________________
For historical display only. This information is not current:
support@bettercgi.com ICQ 7208627
Strongbox - The next generation in site security
Throttlebox - The next generation in bandwidth control
Clonebox - Backup and disaster recovery on steroids