#[manton]Much better to have [aaronpk] try to break Micro.blog now instead of hackers later. 🙂 This is definitely a problem… I think I’m going to start by allowing at most 1 sign-in email attempt every 30 seconds, just to have some protection in place.