On 2013-06-10 20:27, Marc Perkel wrote:
I'm not sure. I'm wondering if they use automation and maybe it's not so smart. I don't think there is "a guy" typing passwords.
Perhaps only accepting the first password for any particular account from a single IP, and rejecting different password attempts from that same IP would do the trick?
I doubt it's "a guy", but it wouldn't surprise me if the botnet that performs the dictionary attack forwards the results off to "a guy" to confirm that the account works.
-- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren
