Re: Why does it take a long time to tell me my password is wrong?
Originally Posted by
NoSmokingBandit
I've always wondered this and i was logging in and misspelled my name and it reminded me. Whenever i misstype a password or username it takes about 5 seconds for any linux distro to tell me it was wring, yet in windows and osx it tells me instantly. Is there some method to the madness that i dont grasp.
The madness is in letting the person try another password immediately. It means they can brute-force it by guessing lots of possibilities very quickly.
The Linux way is much more secure. The guesser can't even be sure it's wrong until he waits a bit (it could just be starting the logging-in process).
Does your bank's cash dispenser allow you key in several PINs in quick succession?
If people were nicer, I'd answer more queries here!
Bookmarks