@Edent Brute force resistance would be my concern. With only a 20 bit entropy there must be good rate limiting both on a per-account and per-IP basis.
@Edent Brute force resistance would be my concern. With only a 20 bit entropy there must be good rate limiting both on a per-account and per-IP basis.