Validate Username and password without lockout upon failed attempts

I would like to verify a user’s username and password without the side effect of locking out the user after a number of failed attempts. The code would be protected so that this would not open up a brute force attack. The information that I have seen on com.mendix.core.Core is not clear as to which methods result in a lockout situation and which ones do not.  Can anyone point me to more information about how this might be done? Thanks.
1 answers

Using the authenticate method would probably work in your case:

public static boolean authenticate(IContext context,
                                   IUser user,
                                   java.lang.String password)
                            throws CoreException

To prevent brute force attacks you could try to implement one of the the ReCaptcha widgets from the appstore