Originally Posted by NickB:
If I understand what serpens is suggesting, it is in essence a temporary locking of the account on repeated attempts. He says 1 second after 2nd attempt, 10 seconds after 3rd, etc...
The "second" attempt to guess a PIN will be for a different account from a different computer. The ten-thousandth attempt will be for yet another account from yet a different computer. And *Bingo* -- at least one bot will have hacked one of the 10000 accounts, simply by pure chance. And there's nothing IHG can do against it, except introducing proper passwords.
One day later you can try the remaining 9999 accounts with your botnet again and get another hit. And the system easily scales.
HTB.
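Added example, not part of the original posts: a sketch of why the per-account delay quoted above never fires when each account sees only one guess, next to a cross-account failure count that does register the pattern. The event tuple layout, the 60-second window, the threshold of 50 accounts and the sample log lines are all assumptions constructed for illustration.

```python
from collections import defaultdict

PIN_SPACE = 10_000      # 4-digit PIN, as discussed in the thread
DELAY_AFTER = 2         # quoted scheme: delay starts on the 2nd failed attempt
WINDOW = 60             # assumed: seconds per monitoring window
ACCOUNT_THRESHOLD = 50  # assumed: distinct failing accounts per window

def chance_of_any_hit(accounts, pin_space=PIN_SPACE):
    """Probability that at least one of `accounts` single guesses is correct."""
    return 1 - (1 - 1 / pin_space) ** accounts

def per_account_throttled(events):
    """Accounts for which the per-account delay would ever be applied."""
    fails = defaultdict(int)
    for _ts, account, _src, ok in events:
        if not ok:
            fails[account] += 1
    return {a for a, n in fails.items() if n >= DELAY_AFTER}

def cross_account_alerts(events):
    """Windows in which failed logins touch many distinct accounts."""
    buckets = defaultdict(set)
    for ts, account, _src, ok in events:
        if not ok:
            buckets[ts // WINDOW].add(account)
    return sorted(w for w, accts in buckets.items()
                  if len(accts) >= ACCOUNT_THRESHOLD)

def constructed_events():
    """Constructed sample log: (timestamp, account, source, success)."""
    # 200 failures, each against a different account from varying sources.
    spread = [(i // 4, f"acct{i:05d}", f"198.51.100.{i % 250}", False)
              for i in range(200)]
    # One ordinary member who mistypes a PIN twice.
    typo = [(10, "alice", "203.0.113.7", False),
            (12, "alice", "203.0.113.7", False)]
    return spread + typo

if __name__ == "__main__":
    ev = constructed_events()
    print("per-account delay applied to:", per_account_throttled(ev))
    print("cross-account alert windows:", cross_account_alerts(ev))
    print("chance of a hit over 10000 accounts: "
          f"{chance_of_any_hit(10_000):.3f}")
```

On the constructed log the per-account control only slows down the member who mistyped, while the cross-account count flags the window containing the 200 one-off failures.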