From 6021a6cf51500c72fcd61b64a2a8403b3baceb39 Mon Sep 17 00:00:00 2001
From: Roman <animir@ya.ru>
Date: Sun, 10 Nov 2019 12:36:41 +1000
Subject: [PATCH] Readme - add brute-force examples links

---
 README.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/README.md b/README.md
index 6949138..bd9fd59 100644
--- a/README.md
+++ b/README.md
@@ -109,6 +109,10 @@ app.post('/login',
   });
 ```
 
+#### Brute-Force protection
+
+Local Strategy should be protected against Brute-Force attacks. One simple and good technique is [limiting failed consecutive attempts](https://github.com/animir/node-rate-limiter-flexible/wiki/Overall-example#minimal-protection-against-password-brute-force). More secure technique is [limiting failed consecutive attempts and many from single IP](https://github.com/animir/node-rate-limiter-flexible/wiki/Overall-example#login-endpoint-protection)
+
 ## Examples
 
 Developers using the popular [Express](http://expressjs.com/) web framework can