Bypass of Rate limiting in secure_session endpoint's password input will lead to user password disclosure
M
Moneybird
Team Summary
Official summary from Moneybird
The rate limit for entering a password to start a secure session was too low. This allowed for brute force password guessing when an attacker would gain access to an existing session of a user. We have solved the issue by making the password rate limit the same as the regular login procedure.
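The following is an added illustration, not Moneybird's code and not part of the original report: it models a per-account failed-attempt budget and shows why a re-authentication prompt (the secure-session password check) must draw on the same budget as the login form. With a separate, looser limit, an attacker who already holds a victim's session can feed a wordlist to the prompt and recover the password; with one shared budget the attempt is cut off at the login limit. The account name, the password, the wordlist and the budget sizes are all constructed for the example.

```python
import hmac
from collections import defaultdict


class AttemptBudget:
    """Per-account failed-attempt counter.

    Hypothetical simplification: a fixed budget with no time window and no
    lockout expiry, which is enough to show why the two endpoints must share it.
    """

    def __init__(self, max_failures):
        self.max_failures = max_failures
        self.failures = defaultdict(int)

    def allowed(self, account):
        return self.failures[account] < self.max_failures

    def record(self, account, success):
        if success:
            self.failures[account] = 0
        else:
            self.failures[account] += 1


class PasswordStore:
    """Constructed user database; a real system stores salted hashes."""

    def __init__(self, passwords):
        self._passwords = dict(passwords)

    def verify(self, account, candidate):
        stored = self._passwords.get(account, "")
        # Constant-time comparison; the point of the example is the budget, not this.
        return hmac.compare_digest(stored, candidate)


def password_endpoint(store, budget, account, candidate):
    """One password check guarded by `budget`. Returns 'blocked', 'ok' or 'bad'."""
    if not budget.allowed(account):
        return "blocked"
    ok = store.verify(account, candidate)
    budget.record(account, ok)
    return "ok" if ok else "bad"


def brute_force(store, budget, account, candidates):
    """An attacker holding a live session feeds candidates to the secure-session
    prompt until blocked. Returns (recovered password or None, checks performed)."""
    attempts = 0
    for candidate in candidates:
        result = password_endpoint(store, budget, account, candidate)
        if result == "blocked":
            break
        attempts += 1
        if result == "ok":
            return candidate, attempts
    return None, attempts


# Constructed data: one victim account and a wordlist with the real password
# at position 200 (0-based), so a successful guess needs 201 checks.
REAL_PASSWORD = "correct-horse-battery-staple"
STORE = PasswordStore({"alice": REAL_PASSWORD})
WORDLIST = (
    [f"guess{i}" for i in range(200)]
    + [REAL_PASSWORD]
    + [f"guess{i}" for i in range(200, 300)]
)


def vulnerable_scenario():
    """Before the fix (modelled): the secure-session prompt keeps its own, far
    larger budget. The attacker never touches the login form, so the login
    budget is never consumed and the prompt's budget is the only obstacle."""
    session_budget = AttemptBudget(max_failures=1000)
    return brute_force(STORE, session_budget, "alice", WORDLIST)


def fixed_scenario():
    """After the fix (modelled): login and the secure-session prompt consult one
    budget sized to the login limit, so the same guessing run is cut off early."""
    shared_budget = AttemptBudget(max_failures=5)
    return brute_force(STORE, shared_budget, "alice", WORDLIST)


if __name__ == "__main__":
    print("separate, loose budget:", vulnerable_scenario())
    print("shared login budget:   ", fixed_scenario())
```

In a deployment the budget should be keyed by the account (so that a stolen session cannot be used to guess from many IPs) and tracked in a store shared by every endpoint that accepts the password, with a sliding window or lockout expiry rather than the fixed counter used here.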
Reported by
0xprial
Report Details
State
Closed
Substate
Resolved
Weakness
Improper Restriction of Authentication Attempts