@sam not a good idea users could then block accounts of other users a simple "deadlock" for a few minutes is more than enough to keep out bot attacks or bruteforce important is that this is done via DB (not session or anything)
On 21 Aug., 17:46, Sam Sherlock <sam.sherl...@gmail.com> wrote: > All of 30 earth minutes? > > Google 'cakephp login attempts' you'll find some bakery code and a > stackexchange post amongst others. > > I would set the account inactive and require the account to be reset via > users email. > > - S > On 21 Aug 2011 16:24, "nOLL" <hasnolm...@gmail.com> wrote:> Hi, > > > Is there any way to create login function more security such as when > > the users failed to login 3 times, they only be login after 30 > > minutes. > > > Thanks. > > > -- > > Our newest site for the community: CakePHP Video Tutorials > > http://tv.cakephp.org> Check out the new CakePHP Questions > sitehttp://ask.cakephp.organd help > > others with their CakePHP related questions. > > > To unsubscribe from this group, send email to > > cake-php+unsubscr...@googlegroups.com For more options, visit this group > > athttp://groups.google.com/group/cake-php -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php