Hi all,
Building a REST API. I’d like to add a 1 second delay in HandleURL before sending a response when the user tries login credentials. This is in order to mitigate brute-force password attacks.
But every way that I know to add such a delay, for example a loop until the system time has elapsed 1s, or SleepMBS(1), locks the entire web app up for that duration, even for other users.
What’s the proper way to approach this?
15 posts - 5 participants