Quote:
Originally posted by TheSaint
I've said this before but the best solution is to do nothing, usually.
I get 2-3 attacks a day sometimes of up to a million password attempts. As long as you enforce random passwords they all fail.
Its actually cheaper in cpu and I/O cycles for most sites to do nothing. The products that try to block proxy attacks usually use more bandwith than just ignoring the problem, and they introduce the real possibility of blocking a legitimate customer.
|
You are right on enforcing random passwords... problem right currently is that we already have many members with simple passwords.