| ▲ | 1718627440 2 days ago | |
> There's no reason for it The reason is to add a delay when bruteforcing passwords. | ||
| ▲ | hananova a day ago | parent | next [-] | |
Bruteforcing is only really done with the password hashes in hand. Attacks on live systems are done with credential stuffing. | ||
| ▲ | timhh a day ago | parent | prev [-] | |
Definitely not for local password authentication, and I'm dubious it helps for ssh either. See my other comment. | ||