Add verification code when entering password

[wkmyws]

What is your suggestion?

On the login page, we can still continue to try after entering the wrong password many times.

So it is easy to crack passwords through dictionary enumeration.

Could we enable the verification code mechanism after entering the wrong password many times?

[jsjoeio]

There is some timeout/login attempt logic which I think prevents this slightly.