Updates:
Status: Review
Comment #1 on issue 1582 by [email protected]: User and password dialog
http://code.google.com/p/openmeetings/issues/detail?id=1582
I don't think so, its common usage to show some details if either username
is wrong, not found or password is wrong.
To protect against DDO or brut force attacks you should use different
methods then obfuscate the error message, for example you only allow 3
attempts to login within 15 minutes.
--
You received this message because you are subscribed to the Google Groups
"OpenMeetings developers" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/openmeetings-dev?hl=en.
