>From the api documentation: "Because this method can be a vector for a brute force dictionary attack to determine a user's password, it is limited to 15 requests per 60 minute period (starting from your first request)."
Is this per user? ie: if my server queries user A and gets credentials verified ok after 14 other users verify am I locked out or is it just after 15 tries for the same user? The former would seem illogical but I just want to make sure... Thanks, Bob