• BlackPenguins@lemmy.world
    link
    fedilink
    arrow-up
    22
    arrow-down
    6
    ·
    1 year ago

    Yeah this is like 85% the users fault. If the website stores passwords in plaintext, it’s their fault. If the user used “password” as a password it’s their fault. The site could have been more helpful by having a cool down between incorrect passwords and monitor of failed attempts.

    • SeaJ@lemm.ee
      link
      fedilink
      arrow-up
      19
      arrow-down
      4
      ·
      1 year ago

      What you are describing kind of seems like 85% the site’s fault. Having no lock after failed attempts is a pretty epic fail. That combined with lax password requirements leaves the whole thing open to brute force.