login sleep
Moderator: General Moderators
login sleep
I was reading in the php manual about the sleep() function and people were talking about using it for login... how does that work exactly? Where would i use it?
try here
http://www.php.net is in my opinion the best online resource for explaining php functions and the like. Of course here is even better because you can get real explantions to specific problems
try here
http://www.php.net/manual/en/function.sleep.php
try here
http://www.php.net/manual/en/function.sleep.php
Re: login sleep
lol, yeah, i was curious about a little more in depth about how i would implement this in the login processZoram wrote:I was reading in the php manual about the sleep() function and people were talking about using it for login... how does that work exactly? Where would i use it?
brute force password attacks use a massive amounts of login attemps.
If one attempt takes 0.1 seconds a hacker can try more combinations compared with a 0.1 seconds+sleep(1) interval for login responses.
i.e.this will delay each login attempt wether it is successful or not giving no clue to a hacker.
If one attempt takes 0.1 seconds a hacker can try more combinations compared with a 0.1 seconds+sleep(1) interval for login responses.
i.e.
Code: Select all
<?php
sleep(1);
if (checkLogin($_POSTї'login'], $_POSTї'pass'])
loggedIn();
else
loginFailed();
...