Favor nano time, because it's monotonic

core/src/main/java/com/github/games647/fastlogin/core/AuthStorage.java

@@ -70,7 +70,7 @@ public class AuthStorage {
 
             // adding paranoid hides hostname, username, version and so
             // could be useful for hiding server details
-            config.addDataSourceProperty("paranoid", "true");
+            config.addDataSourceProperty("paranoid", true);
 
             // enable MySQL specific optimizations
             // disabled by default - will return the same prepared statement instance

core/src/main/java/com/github/games647/fastlogin/core/RateLimiter.java

@@ -21,8 +21,8 @@ public class RateLimiter {
      * @return true if allowed
      */
     public boolean tryAcquire() {
-        // currentTime millis could be expensive on some systems
-        long now = System.currentTimeMillis();
+        // current time millis is not monotonic - it can jump back depending on user choice or NTP
+        long now = System.nanoTime() / 1_000_000;
 
         // after this the request should be expired
         long toBeExpired = now - expireTime;