Re: Password policy: possible DoS scenario