Add bruteforce protection
This commit is contained in:
Frederic Guillot
@@ -27,6 +27,7 @@ Security
|
||||
|
||||
- Always use HTTPS with a valid certificate
|
||||
- If you make a mobile application, it's your job to store securely the user credentials on the device
|
||||
- After 3 authentication failure on the user api, the end-user have to unlock his account by using the login form
|
||||
- Two factor authentication is not yet available through the API
|
||||
|
||||
Protocol
|
||||
|
||||
Reference in New Issue
Block a user