0
I have a system with captcha on my site to try to block this login, but it is very inconvenient because the user needs to do it every time they log in, so
How to show catpcha after N login attempts?
I saw some examples with Function and Increment but would be easily circumvented by deleting cookies, some example of how to do this otherwise safely?
this link has an anti-bruteforce login system http://www.devwilliam.com.br/php/sistema-de-login-com-ajax-e-php if the number of attempts per ip exceeds you can add/redirect to captcha
– Felipe Duarte
I saw some comments saying that via IP would also be vulnerable because some bots exchange IP constantly while doing this type of hack.
– Wel
brute force is a long subject my dear, the best to do when there is no help from a security experts, is the ip lock, secure hash, intervals between attempts, captcha after an error and so goes...
– Felipe Duarte
Good as the site is small and has little movement I believe can hold then, thanks for the suggestion.
– Wel