passport-local-mongoose icon indicating copy to clipboard operation
passport-local-mongoose copied to clipboard

Published 20 hours ago verified publisher icon saintedlama

More descriptive AttemptTooSoonError

Open jeremyml opened this issue 6 years ago • 0 comments

I think a better AttemptTooSoonError would be

Account is currently locked. Try again in 135 seconds. You have 8 attempts remaining before account lockout.

It doesn't compromise security when you use it in conjunction with a prudent value for the maxAttempts variable.

      var AttemptTooSoonMessage = 'Account is currently locked.  Try again in '
        + Math.round(calculatedInterval / 1000) + ' seconds.  You have ' 
        + (options.maxAttempts - user.get(options.attemptsField))
        + ' attempts remaining before account lockout.';

jeremyml avatar Jun 11 '18 16:06 jeremyml