Blog Developer Blog Defending Against a Login API Brute Force Attack Alex Leung is a Senior Enterprise Architect at Akamai Technologies. With over nine years at Akamai, Alex has been instrumental in advancing the capabilities of streaming high-quality media content through Akamai. Let’s face it, when you’re rushing to meet a big release deadline, you cut corners. Your test coverage gets spotty, your code isn’t so DRY, and your exception handling is sent to the tech debt graveyard—I mean,  backlog . We’ve all been there. But when it comes time to cut corners, do not cut out implementing the “maximum failed login attempt” safeguard. If your login API doesn’t have proper safeguards in place, then gaining access to a user account by brute force is relatively easy to pull off nowadays. In this post, we’ll show you just how an attacker might brute force a login API. Then, we’ll discuss countermeasures you can put in place to defend your systems.…