2015-06-25, 09:47 AM
Login methods and limited PIN guesses were implemented, the rest probably not (I'll try to check it later today):
At least the 2nd and 4th bullet should definitely be fixed IMO. 1st - optimization - wouldn't be bad either. 3rd one - not sure what was meant - the user isn't blocked from logging in after X attempts for a specific period of time or?
(2014-09-04, 11:38 AM)Nik101010 Wrote:
- there are up to 4 database queries depending on the case fetching nearly the same data (failed login count, username, password, updating failed login count, fetching failed login count)
- Display number of failed login settings does not work (setting to yes does not show the remaining login attempts)
- The failed login count in the database is only used for the captcha setting, not for blocking the entire login
- When a captcha is required the login page does not show the captcha the first time it is required
At least the 2nd and 4th bullet should definitely be fixed IMO. 1st - optimization - wouldn't be bad either. 3rd one - not sure what was meant - the user isn't blocked from logging in after X attempts for a specific period of time or?