With this Lifestuff example you have to logout, but I wonder if there is also a safety mechanism that logs you out after a certain time period, like 10 minutes (banks have this safety feature)? I can imagine people going to an publicplace or friends house and logging in, and forgetting to log out.
Login: In the past David said that when you login with the wrong creds you’ll be guided to a bogus account, but what if someone tries to bruteforce attack and login? Is there something like a time out mechanism to stop an bruteforce attack? If so will the user be able to set an timeframe like: If I login with the wrong password or somebody tries to bruteforce attack my account, let them have 1 login try per 30 minutes. This way it becomes time consuming to try to hack someone (BTW this is not my bright idea, but it’s how SQRL works).