Bypass too many password requests


I was able to bypass the authentication timeout with too many failed login attempts, by logging in with github after I had forgot my password.

Not sure if this was intended functionality.


it is the intended behavior, the reason to not allow many login attempts is to prevent attackers from finding password by trying many combinations, logging in with github doesn’t help them