Hey there HN, I'm currently having an issue on one of my accounts where, what seems like a botnet, is constantly sending password reset requests on it. This has been going for more than a week now.
I have contacted the service in particular (part of GAFAM) and their account security department told me there is nothing that can be done in this case and I should just disregard the emails.
I now ask you, HN, what can _we_ as developers, do to prevent this from happening on our services? Limit the amount of password reset requests for an account? (still doesn't solve the issue), etc.. As I, genuinely, have not managed to come up with a solution.
Comments URL: https://news.ycombinator.com/item?id=23588350
Points: 3
# Comments: 2
from Hacker News: Newest https://ift.tt/3ekyHvl
via IFTTT
No comments:
Post a Comment