change password recovery defaults

Author: tabacitu

src/config/backpack/base.php

@@ -215,7 +215,7 @@
     // for a certain email, to make sure they cannot be spammed that way.
     // How many seconds should a visitor wait, after they've requested a
     // password reset, before they can try again for the same email?
-    'password_recovery_throttle_notifications' => 60, // time in seconds
+    'password_recovery_throttle_notifications' => 600, // time in seconds
 
     // Backpack will prevent an IP from trying to reset the password too many times,
     // so that a malicious actor cannot try too many emails, too see if they have
@@ -224,7 +224,8 @@
     // How many times in any given time period should the user be allowed to
     // attempt a password reset? Take into account that user might wrongly
     // type an email at first, so at least allow one more try.
-    'password_recovery_throttle_access' => '2,5', // (defaults to 2,5 - 2 times every 5 minutes)
+    // Defaults to 3,10 - 3 times in 10 minutes.
+    'password_recovery_throttle_access' => '3,10',
 
     /*
     |--------------------------------------------------------------------------