From 3c9b33176f52790ff669ec2f2e28ed350a3944c8 Mon Sep 17 00:00:00 2001
From: Jonny Tischbein <jonny_tischbein@systemli.org>
Date: Wed, 3 Oct 2018 14:32:16 +0200
Subject: [PATCH] Static reason for login failure to prevent bruteforce

---
 src/Module/Login.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Module/Login.php b/src/Module/Login.php
index e6bb933f0f..99401ebbe4 100644
--- a/src/Module/Login.php
+++ b/src/Module/Login.php
@@ -140,7 +140,7 @@ class Login extends BaseModule
 			}
 		} catch (Exception $e) {
 			logger('authenticate: failed login attempt: ' . notags($username) . ' from IP ' . $_SERVER['REMOTE_ADDR']);
-			info('Login failed: ' . $e->getMessage() . EOL);
+			info('Login failed. Please check your credentials.' . EOL);
 			goaway();
 		}