title In addition to verifying yards away , what mechanism prevents hackers website password brute force it ? Because the verification code is simple and effective , but the destruction of the user experience can not be ignored , waiting for guidance. .
------ Solution ---------------------------------------- ----
verification code only client-side validation . Database password encryption , database encryption
------ Solution ---------------------------------- ----------
login page using https
------ Solution --------------------- -----------------------
can refer to the practice of bank ATM : At a certain time , consecutive login failures , that it is the brute force .
------ For reference only -------------------------------------- -
database of sensitive information must be encrypted , and verification code is mainly to prevent hackers write programs automatically request, so the request to a server, and found no verification code you know is not a normal user behavior . Want to know is there any good alternatives
------ For reference only ----------------------------- ----------
this
Thank you, I think this is feasible
没有评论:
发表评论