
> There was bruteforce protection, but here's the fun part - it was presumably implemented on the frontend only because you could reload the page on the last attempt and reset the counter of attempts! There were no consequences that I know of (neither from the company nor a notification/follow-up with the customer) to locking out an account either.

Back when I had to use AllScripts EHR software, if I messed up my password three times, I'd just restart the client application. Bam, three more attempts, no need to wait ten minutes.

(I don't know if this is still the case, but I sure hope it's not.)
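Both anecdotes above describe an attempt counter held in client state, so a page reload or client restart clears it. As an added example (not part of the thread and not any vendor's code), here is a server-side counter keyed by account; the `LoginGuard` class and its in-memory store are hypothetical, and the three-attempt and ten-minute figures are taken from the comment.

```python
import hashlib
import hmac
import os
import time

MAX_ATTEMPTS = 3            # figure from the comment above
LOCKOUT_SECONDS = 10 * 60   # figure from the comment above


class LoginGuard:
    """Hypothetical server-side lockout: state is keyed by account, not by session."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._users = {}     # username -> (salt, PBKDF2 hash)
        self._failures = {}  # username -> (failure count, locked_until)

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def add_user(self, username, password):
        salt = os.urandom(16)
        self._users[username] = (salt, self._hash(password, salt))

    def login(self, username, password):
        """Return 'ok', 'denied' or 'locked'. Nothing the client sends resets the count."""
        now = self._clock()
        count, locked_until = self._failures.get(username, (0, 0.0))
        if now < locked_until:
            return "locked"               # refused before the password is compared
        if locked_until:                  # lockout has expired: start a fresh window
            count, locked_until = 0, 0.0
        # Unknown users still go through the hash so timing does not reveal them.
        salt, stored = self._users.get(username, (b"\0" * 16, b""))
        matches = hmac.compare_digest(self._hash(password, salt), stored)
        if matches and username in self._users:
            self._failures.pop(username, None)
            return "ok"
        count += 1
        if count >= MAX_ATTEMPTS:
            locked_until = now + LOCKOUT_SECONDS
        self._failures[username] = (count, locked_until)
        return "denied"
```

Because the count lives with the account on the server, a new session or a restarted client sees the same lockout; a production store would also need to persist across server restarts and bound the number of tracked usernames.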


