![cryptomator mount point changes every time cryptomator mount point changes every time](https://marriedbiography.com/wp-content/uploads/2020/09/me-h.jpg)
If on a sign-in attempt you are prompted for 2FA, this is also an indication the account exists. If account locks are only applied to real accounts, this informs the spammer that if after signing in too many times they get a lockout error, then the account does indeed exist. One is an account lock after too many attempts.
![cryptomator mount point changes every time cryptomator mount point changes every time](https://besthikinggears.com/wp-content/uploads/2020/09/K2-deaths.jpg)
But there are two tell-tale signs that can sometimes leak out of these endpoints. Typically, a service will just return "invalid email or password" during a login attempt to disguise whether the account actually exists or not. The spammer in this case will have wasted a tremendous amount of resources only to gather nothing-we're well protected against these kinds of scenarios.
![cryptomator mount point changes every time cryptomator mount point changes every time](https://www.lightbar-shop.co.uk/images/D/greensinglebeaconmag.jpg)
Done with many emails, this can allow spammers to compile a list of registered users with a service. A spammer might issue hundreds of thousands of requests against our login endpoint, each time with a different email, in an attempt to determine whether a particular email is registered with us. We tracked down the cause as a ballooning of the number of entries in our Redis cache, caused by what we believe to be an information-seeking spam operation on our login endpoint. We've resolved the issue we wrote about yesterday, where server performance had been degraded over the past few days.