5 login attempts is too few
Mar 26, 2014 | 11:44 pm
#1
Original Poster
Join Date: Mar 2014
Posts: 1,783
5 login attempts is too few
Just a heads up, the site only allows 5 login attempts before locking out an account. Those 5 attempts are no better than 100 attempts at stopping a brute force hacker from trying to hack into the system.
What such a small number of login attempts will do, and ONLY do, is lock out legitimate users who probably don't use the site that much and are trying a few of their passwords to login to the system.
The functioanlity is not idea and lower than the stardard for websites nowadays.
What such a small number of login attempts will do, and ONLY do, is lock out legitimate users who probably don't use the site that much and are trying a few of their passwords to login to the system.
The functioanlity is not idea and lower than the stardard for websites nowadays.
Mar 27, 2014 | 8:13 pm
#3
FlyerTalk Evangelist
Join Date: Apr 2009
Location: Bye Delta
Programs: AA EXP, UA Silver, HH Diamond, IHG Plat, Hyatt Plat, Marriott Titanium, Nat'l EE, Avis PC, Hertz PC
Posts: 16,636
I can't think of a website offhand that allows more than 5 bad logins before a lockout. 5 is very common, even 3 in some cases.
Mar 28, 2014 | 2:56 pm
#4
Moderator: American AAdvantage
Join Date: May 2000
Location: NorCal - SMF area
Programs: AA LT EXP; HH LT Diamond, Matre-plongeur des Muccis
Posts: 62,948
There are utilities out there to "remember" passwords - and even some that assign very difficult to crack passwords and keep them in a protected file.
We value our members' privacy, and I doubt too many will try a brute force attack on FT - your bank, maybe.
Aug 14, 2015 | 6:45 pm
#5
Join Date: Aug 2001
Location: Arizona USA
Programs: NetJets Marquis, Southwest Moo, Marriott Platinum
Posts: 1,652
Password Reset
Unfortunately the password reset process is broken.
I asked that mine be reset, and 12 hrs later I receive a link to click.
Click link, temporary password arrives 5 hours later.
I can't post what I thought nor said throughout this process.
It's the worst password reset that I've ever encountered and it amazes me that FlyerTalk didn't address it last century.
I asked that mine be reset, and 12 hrs later I receive a link to click.
Click link, temporary password arrives 5 hours later.
I can't post what I thought nor said throughout this process.
It's the worst password reset that I've ever encountered and it amazes me that FlyerTalk didn't address it last century.
Aug 14, 2015 | 6:50 pm
#6
No longer with Internet Brands
Join Date: Mar 2011
Location: Los Angeles, CA
Programs: DL DM 1.6MM, Marriott LT Plat
Posts: 5,343
Unfortunately the password reset process is broken.
I asked that mine be reset, and 12 hrs later I receive a link to click.
Click link, temporary password arrives 5 hours later.
I can't post what I thought nor said throughout this process.
It's the worst password reset that I've ever encountered and it amazes me that FlyerTalk didn't address it last century.
I asked that mine be reset, and 12 hrs later I receive a link to click.
Click link, temporary password arrives 5 hours later.
I can't post what I thought nor said throughout this process.
It's the worst password reset that I've ever encountered and it amazes me that FlyerTalk didn't address it last century.
Some email hosts block FT emails. Or delay them. Then your password reset doesn't work or takes too long.
We always recommend gmail. Seems to have the fewest problems.
Aug 15, 2015 | 12:59 pm
#7
Moderator: American AAdvantage
Join Date: May 2000
Location: NorCal - SMF area
Programs: AA LT EXP; HH LT Diamond, Matre-plongeur des Muccis
Posts: 62,948
GMail seems to be quite robust about catching spam, account hijacking, not delaying e-mails, etc. and of course it's free.
Setting up a GMail account one uses for BBS, or even just FT, may help protect individuals' privacy.
Jan 9, 2016 | 6:46 am
#8
FlyerTalk Evangelist
Join Date: Oct 2001
Location: YYZ
Programs: A3&O6 Gold,IC AMB
Posts: 14,218
I am having a unique problem as I cannot remember my password and cannot reset it either as the original email used was deactivated 3 years ago by me. I have sent a PM to Bob.
I don't mind using an older account djjaguar but I'd like my djjaguar64 activities and posts and Evangelist status linked to djjaguar. Hope there is a resolution for me
I don't mind using an older account djjaguar but I'd like my djjaguar64 activities and posts and Evangelist status linked to djjaguar. Hope there is a resolution for me