[thelist] Prevent dictionary attacks on passwords

Danny Goodman dannyg at dannyg.com
Tue Jul 24 12:33:32 CDT 2007

> Dictionary attacks are normally fast and furious, not slow and deliberate so
> setting your threshold to 3 failures in 5 seconds would be a good start.

I don't know about password dictionary attacks, but I've seen a new approach
to email account dictionary attacks thanks to bot-nets. See the first three
paragraphs of:


This could have an impact on your defense designs.


More information about the thelist mailing list