This document summarizes Anton Dedov's presentation on using device cookies to slow down online guessing attacks. It discusses the threats of online guessing attacks and common mitigation techniques like rate limiting and account lockouts. It then introduces device cookies as a way to distinguish known clients from unknown ones and lock out all unknown devices at once. The document provides recommendations for implementing device cookies securely, such as using strong crypto and preventing cookie leakage.