[Svn] [roundcube/roundcubemail] 3d9798: Make brute force attacks harder by re-generating s...
noreply at github.com
Mon Sep 28 08:59:11 CEST 2015
Author: Aleksander Machniak <alec at alec.pl>
Date: 2015-09-28 (Mon, 28 Sep 2015)
Make brute force attacks harder by re-generating security token on every failed login (#1490549)
Or more precissely use the same we did in git-master, i.e. do not base the token on
session ID, but use random bytes instead.
More information about the svn