Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.

Remember

Brute force protection on reset password

+6 votes

280 views

asked Aug 17, 2022 in Plugins by Dmytro Pastovenskyi

Hi

Our security teams noticed it is possible to takeover an account by brute forcing reset password functionality.

Technically it is possible to do any number of requests (with code) on reset password page.

Are there any plugins or maybe I simply do not know how to configure system properly?

Thanks!

Q2A version: 1.8.6

Please log in or register to add a comment.

Welcome to the Q&A site for Question2Answer.

If you have a question about Q2A, please ask here, in English.

To report a bug, please create a new issue on Github or ask a question here with the bug tag.

If you just want to try Q2A, please use the demo site.