> The "automatic" mode where the user credentials are rejected once per
> new IP is more troublesome to implement separately, but I am
> not sure we
> really need it either, especially not considering that some browser
> versions apparently automatically resubmits the same credentials one
> more time even if rejected..
Actually, I think I'd need it. There's an awful habit of password-sharing
in some places.
> (if someone could explain the
> logics behind
> resubmitting exactly the same credentials as was rejected I would be
> glad to know..)
Maybe as a workaround for buggy server-side authenticators?
-- /kinkieReceived on Fri Jul 20 2001 - 00:59:08 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:14:07 MST