While the risk is actually quite low because one would already have the user session and could potentially do other havoc it makes sense to throttle here in case of invalid previous password attempts.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
The reason for updating these messages, is that grammatically they're
not quite correct. They showed a combination of:
- Related phrases, which could be either separated or joined better
- Related sentences, but which should be expressed as separate ones
They were also missing full-stops to end the them.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Morris Jobke
Joas Schilling
Lukas Reschke
Matthew Setter
Roeland Jago Douma