/check_password might be used to brute-force hack user passwords
/check_password route is not rate-limited, so attackers might call it with any frequency for the same user.
See Pleroma.Plugs.RateLimiter plug.
/check_password route is not rate-limited, so attackers might call it with any frequency for the same user.
See Pleroma.Plugs.RateLimiter plug.