Add captcha after failed login attemp.
|Reported by:||gstkein||Owned by:||John Hampton|
|Severity:||normal||Keywords:||Login, captcha, security|
It would be great if the login system would use captcha or temporary banning of IP addresses in order to prevent logging in via brute force attacks.
The idea: If a user fails at logging in, then a captcha is presented to the him/her.