Skip to content
This repository has been archived by the owner on Jan 30, 2024. It is now read-only.

reset code after several faild attempts #119

Merged
merged 1 commit into from
Apr 7, 2015

Conversation

equivalent
Copy link
Contributor

After several failed attempts, reset paranoid_verification_code

protection against brute force

@traxanos
Copy link
Member

traxanos commented Apr 7, 2015

it's not better to clear the token?

traxanos added a commit that referenced this pull request Apr 7, 2015
reset code after several faild attempts
@traxanos traxanos merged commit 5ee6e6b into phatworx:master Apr 7, 2015
@equivalent
Copy link
Contributor Author

it's not better to clear the token?

theoretically I can sign-out a user, or lock his account, however that adds a dependency to other Devise modules (which theoretically may not be used). My call was for really simple regeneration of verification code, I'm not saying it's best one, but good one for now.

@equivalent
Copy link
Contributor Author

you should not give some information about brute force protection

should I remove that from the view ?

@traxanos
Copy link
Member

traxanos commented Apr 7, 2015

Under the aspect of safety, i think it was better to remove. you can readd it in you custom screen if you needed, or?

@equivalent
Copy link
Contributor Author

I agree with with that, I'll just create Wiki entry so if anyone need similar functionality he/she may use it

I'll fix it in next pull request

@equivalent
Copy link
Contributor Author

#121

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants