I'm building a custom classifieds system, and am using a simple 4 digit password that's generated and saved with each ad (It's random for each ad).
One of the things I want to implement is a way to lock out people trying to hack the passwords. Two things comes to mind, the first being bruteforcing (Such as using Hydra), so possibly looking for and lock out a user that makes more then 2 calls per second to the remove-ad page. As well as look for and lock out someone with more then 10 wrong password attempts for the same ad. I have no idea where to start with this using OpenBD and CFML, so if anyone has any pointers I'd be more then happy to hear it. -- online documentation: http://openbd.org/manual/ google+ hints/tips: https://plus.google.com/115990347459711259462 http://groups.google.com/group/openbd?hl=en Join us @ http://www.OpenCFsummit.org/ Dallas, Feb 2012
