<div>
What exactly do you mean with balance?<br />
<br />
From the business point of view (CTO)<br />
From the maintenence point of view (FTEs / ROI)<br />
From the technical point of view (Code standardization, Complexity)<br />
Other... .<br />
<br />
Rgrds,<br />
<br />

</div>


What exactly do you mean with balance?

From the business point of view (CTO)
From the maintenence point of view (FTEs / ROI)
From the technical point of view (Code standardization, Complexity)
Other... .

Rgrds,



<div>
Thanks Chris some good advice there
</div>


<div>
<div class="content wysiwyg-content">
How do you strike a balance in your web apps between protecting yourselves from brute force type attacks by deploying account lockout mechanisms, and your account lockout mechanisms being abused by malicious sources to create a DoS on the user acct logging in? Theres an argument to have account lockout to prevent brute force, but also an argument not to have for critiical apps due to the potential for DoS
</div>
</div>


How do you strike a balance in your web apps between protecting yourselves from brute force type attacks by deploying account lockout mechanisms, and your account lockout mechanisms being abused by malicious sources to create a DoS on the user acct logging in? Theres an argument to have account lockout to prevent brute force, but also an argument not to have for critiical apps due to the potential for DoS

brute force / DoS / Acct Lockout

Web applications are systems that run in browsers that perform functions normally associated with other client-based programs. One of the most commonly used web applications is email; instead of downloading individual emails to a local machine, the data is shown through a website. Other examples of web applications are collaborative systems like a wiki or an online game.