3 Matching Annotations
  1. Mar 2023
    1. Another option would be to implement a delay scheme to avoid a brute force attack. After each failed attempt A, the authentication server would wait for an increased T*A number of seconds, e.g., say T = 5, then after 1 attempt, the server waits for 5 seconds, at the second failed attempt, it waits for 5*2 = 10 seconds, etc.
    1. It is suggested that verification be locked out after a small number of failed attempts or that each failed attempt attracts an additional (linearly increasing) delay.