I would like to add an extra reCaptcha to my login form after several unsuccessful login attempts (let’s say 3). My first idea was to use the
DDPRateLimiter but it looks that it doesn’t alter a method, it only limits the calls to it. The recaptcha should show up after, e.g. the third attempt, and it should be checked, I guess, in a server side
I would like to avoid logging user login attempts and use a built-in features if possible. I am wondering if there is a common practice to achieve that, or if someone came up with a satisfying solution.
Of course, feel free to request more details.