On Sat, May 16, 2015 at 5:04 PM, Andrew Shadura <[email protected]> wrote:
> # HG changeset patch > # User Andrew Shadura <[email protected]> > # Date 1431788631 -7200 > # Sat May 16 17:03:51 2015 +0200 > # Node ID cb911e90e205bdb18fc2e2bd66549ea388d00413 > # Parent 388a6eada55925cb55cd2368e47a6115d833b4c1 > privacy: don't tell users what is the reason for a failed login > > Makes it harder for strangers to probe the instance for presence of > certain users. This can make it harder to break in, as it is now > harder to tell is a username or a password are wrong, so bruteforcing > should probably take a bit longer if you don't know what exactly are > you doing. > I changed my mind enough to push this one ;-) /Mads
_______________________________________________ kallithea-general mailing list [email protected] http://lists.sfconservancy.org/mailman/listinfo/kallithea-general
