On Thu, Mar 31, 2011 at 11:41:19AM -0500, Stan Hoeppner wrote:
> D G Teed put forth on 3/31/2011 10:21 AM:
>
> > I'd like some idea of what real world values would be useful, or additional
> > suggestions
> > on how to make the performance less attractive to users of compromised
> > accounts.
>
> When you find a reasonable and effective solution to the phishing
> problem please share it with the rest of us.
A good solution for large providers with many users some of whom may
have compromised accounts is per-user rate limiting, which is possible
via many of the more popular policy plugins.
--
Viktor.
