FlyerTalk Forums - View Single Post - WARNING (3rd-Party source): possible IHG Data Breach and member information leaked
Thread: WARNING (3rd-Party source): possible IHG Data Breach and member information leaked
View Single Post
Old Feb 20, 2017 | 12:31 pm
  #9  
htb
All eyes on you!
20 Years on Site
 
Join Date: Aug 2005
Programs: TK*G, UA*S, PC Diamond Amb, Marriott Life Platinum
Posts: 4,715
Originally Posted by serpens
It seems like another solution, which might be even easier than changing to a real password, would be to put a delay on a repeated entry of a PIN. For example, if I enter the wrong PIN, I can try again immediately. If I enter the wrong PIN a second time, there is a one second delay before I can try again. After the third time, it's 10 seconds, and so on. At least that would slow down the bots.
Won't work. The botnet doesn't have to crack a specific account. There are tens of thousands of computers (lets say: 10000) trying out tens of thousands of accounts (lets say: 10000), probably only doing one attempt at guessing the pin. With a probability of 1:10000 for guessing right, one account is bound to be compromised with each single run.

HTB.
htb is offline  
Reply