Re: best way to limit # of attempts to login to protected page?

This WebDNA talk-list message is from

2000


It keeps the original formatting.
numero = 35439
interpreted = N
texte = I also am not sure, but assume like you that a formvar overrides an URL-passed value. but even if so, then the would-be-hacker could simply view source code, see the incrementing formvar, and realize he could simply load the login form page fresh to reset the counter...Anup Setty wrote:> I pass the counter value as a formvariable, i.e., when I check for the > username and password, > and if it is wrong, I redirect them to the login page via auto form submit. > I think the formvariable > overrides the value passed through the URL, I'm not sure, you have a good > point there, I will have > to go back and do a test on that, > > anup ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: best way to limit # of attempts to login to protected page? (Anup Setty 2000)
  2. Re: best way to limit # of attempts to login to protected page? (John Butler 2000)
  3. Re: best way to limit # of attempts to login to protected page? (Anup Setty 2000)
  4. Re: best way to limit # of attempts to login to protected page? (John Butler 2000)
  5. Re: best way to limit # of attempts to login to protected page? (Anup Setty 2000)
  6. Re: best way to limit # of attempts to login to protected page? (James Howarth 2000)
  7. best way to limit # of attempts to login to protected page? (John Butler 2000)
I also am not sure, but assume like you that a formvar overrides an URL-passed value. but even if so, then the would-be-hacker could simply view source code, see the incrementing formvar, and realize he could simply load the login form page fresh to reset the counter...Anup Setty wrote:> I pass the counter value as a formvariable, i.e., when I check for the > username and password, > and if it is wrong, I redirect them to the login page via auto form submit. > I think the formvariable > overrides the value passed through the URL, I'm not sure, you have a good > point there, I will have > to go back and do a test on that, > > anup ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ John Butler

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

[WebDNA] [announce] MacWorld SF Jan. '09 (2008) form data submission gets truncated (1997) [WebDNA] Fresh Snow Leopard install (2009) Using the sendmail command on CGate Pro (Unix) (2000) PIXO (1997) Dummy Credit Card Number for debug? (1997) foreign character sets and conversions (1998) Emailer setup (1997) Corrupt Database Problem... (2000) passing info to thankyou.tpl (1998) Instructions for Digest (1997) [CART] inside a [LOOP] (1997) WebDNA 4.5 rpm?!! (2003) Navigator Parsing (1997) WebCat2b13MacPlugin - [math][date][/math] problem (1997) PCS Frames (1997) Outlook Rule (2002) So much more than a Software Developer (2004) Using Applescript to process WebCatalog functions (1998) Ok here is a question? (1997)