Update Authentification

2025-01-15 17:54:33 +00:00 · 2025-01-15 17:54:33 +00:00 · 51be598b47
commit 51be598b47
parent e68ab09c1b
1 changed files with 1 additions and 1 deletions
--- a/Authentification.md
+++ b/Authentification.md
@ -32,7 +32,7 @@ The xhash is valid for 24hours after the frontend must refresh the xhash, to opt

 For convenient purpose, a user can ask to a tribe (like smatchit) to store his credential that can be sent to a specific email only.

-Of course any request to backend is done with https (let's encrypt certificat)  to obfuscate the contain of http exchange
+Of course any request to backend is done with https (let's encrypt certificat)  to obfuscate the contain of http exchange. After 3 fails a time penalty is apply to avoid bruteforce.

 ## Profil and Accessright on data