Fixed typo in docs/ref/settings.txt.
This commit is contained in:
parent
9d5a487f33
commit
28e769dfe6
|
@ -2887,9 +2887,9 @@ Used by the :class:`~django.contrib.auth.views.PasswordResetConfirmView`.
|
|||
|
||||
.. note::
|
||||
|
||||
Reducing the value of this timeout doesn't make difference to the ability of
|
||||
an attacker to brute-force a password reset token. Tokens are designed to be
|
||||
safe from brute-forcing without any timeout.
|
||||
Reducing the value of this timeout doesn't make any difference to the
|
||||
ability of an attacker to brute-force a password reset token. Tokens are
|
||||
designed to be safe from brute-forcing without any timeout.
|
||||
|
||||
This timeout exists to protect against some unlikely attack scenarios, such
|
||||
as someone gaining access to email archives that may contain old, unused
|
||||
|
|
Loading…
Reference in New Issue