I Add 3-25 Seconds of Latency to Every Site I Visi...

[aj7]

For about six months, the Fidelity mobile site gave false indications of incorrect username/password on purpose. No idea why they did this.

[bennyelv]

I can see that it could be effective against brute force attacks. A real user would assume they fat fingered their password and try it again, a brute force attack would miss the password and carry on forever.