目前,我正在寻找防止软件webportal受到暴力攻击的最佳方法,并提出了以下想法:
- 3 login attempts without any visual change
- after 3 failed attempts show Google reCaptcha
- allow another 3 attempts but now you have to click the captcha every time
- if the last 3 attempts failed again lock the account
我的想法有很大的缺点,我希望你能给出一些建议:
如果每次尝试登