![[info]](https://www.insanejournal.com/img/userinfo.gif){kind=small}
Yeah, this is a huge security issue, and it needs to be addressed by you. If our accounts are that easily compromised, something needs to be changed in how login attempts are handled immediately.
It's not just limited to Insanejournal as the sole concern, as togetherinparis points out; if access to our emails and at least one password used in conjunction with that email is stolen, there's a good chance the person or people doing this could be using the information they're getting to try to gain access to people's accounts on other sites as well, some of which may store things like credit card information and phone numbers.
I second limiting login attempts to three attempts per X amount of hours, and requiring more complex passwords for accounts. Security of users' information and accounts should be top priority.
It's not just limited to Insanejournal as the sole concern, as togetherinparis points out; if access to our emails and at least one password used in conjunction with that email is stolen, there's a good chance the person or people doing this could be using the information they're getting to try to gain access to people's accounts on other sites as well, some of which may store things like credit card information and phone numbers.
I second limiting login attempts to three attempts per X amount of hours, and requiring more complex passwords for accounts. Security of users' information and accounts should be top priority.