Note that this requires both a cap on the number of times a given confirmation code can be tried and on the total number of account resets accross all accounts. If they can only be tried online, that's enough, provided that the number of confirmation codes that can be tried by an attacked is significantly smaller than 2 billion. There are 2^32 ≈ 4 billion confirmation codes, so brute force requires an average of 2 billion attemps.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |