Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
henvic
on Dec 14, 2016
|
parent
|
context
|
favorite
| on:
New NIST password guidelines: don't require charac...
So the solution for you seems to be allowing bad guys DoS your system because bad guys can do bad things, is it?
jessaustin
on Dec 14, 2016
|
next
[–]
Is per-IP rate limiting the
only
one way to respond to auth DoS? Different situations involve different trade-offs.
eli
on Dec 14, 2016
|
prev
[–]
Rate limiting. Not denying service. Bad guys could cause you to have to wait some number of seconds to log in.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
