Re: best way to limit # of attempts to login to protected page?
This WebDNA talk-list message is from 2000
It keeps the original formatting.
numero = 35446
interpreted = N
texte = You mean to say if someone fails, say in 3 attempts to login, you would wantthem toget a new password and/or username? In that case you can do the number checkas wellas the IPAddress, or you can limit 3 attempts in a day/IPaddress, etc..I really don't know any other way to do this.anup> I also am not sure, but assume like you that a formvar overrides anURL-passed value.> but even if so, then the would-be-hacker could simply view source code,see the> incrementing formvar, and realize he could simply load the login form pagefresh to> reset the counter...>> Anup Setty wrote:>> > I pass the counter value as a formvariable, i.e., when I check for the> > username and password,> > and if it is wrong, I redirect them to the login page via auto formsubmit.> > I think the formvariable> > overrides the value passed through the URL, I'm not sure, you have agood> > point there, I will have> > to go back and do a test on that,> >> > anup>>> -------------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list
.> To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to> Web Archive of this list is at: http://search.smithmicro.com/-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/
Associated Messages, from the most recent to the oldest:
You mean to say if someone fails, say in 3 attempts to login, you would wantthem toget a new password and/or username? In that case you can do the number checkas wellas the IPAddress, or you can limit 3 attempts in a day/IPaddress, etc..I really don't know any other way to do this.anup> I also am not sure, but assume like you that a formvar overrides anURL-passed value.> but even if so, then the would-be-hacker could simply view source code,see the> incrementing formvar, and realize he could simply load the login form pagefresh to> reset the counter...>> Anup Setty wrote:>> > I pass the counter value as a formvariable, i.e., when I check for the> > username and password,> > and if it is wrong, I redirect them to the login page via auto formsubmit.> > I think the formvariable> > overrides the value passed through the URL, I'm not sure, you have agood> > point there, I will have> > to go back and do a test on that,> >> > anup>>> -------------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to> Web Archive of this list is at: http://search.smithmicro.com/-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/
Anup Setty
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
Max Record length restated as maybe bug (1997)
[include] error message (was:how to put/keep productcustomization info in basket?) (1998)
autocommit problem (1998)
Upgrading old WebCat Database Files (1997)
Searching multiple Databases (1997)
Re:no [search] with NT (1997)
New command suggestion (1997)
Help with update to 2.11 (1998)
NT Photo manip. util. needed (2000)
Problems with webcat 2.01 for NT (1997)
mail list (1998)
OT: Urgent help with Windows and Javascript (2003)
Removing [showif] makes a big difference in speed (1997)
lookup limitation ? (2003)
TCPconnect in a DB? (1999)
Refering page (1998)
[WebDNA] To be or not to be friendly (URLs) (2011)
is your webDNA site 'froogle' ready ??? (2003)
total number of matches (1999)
Problems w/ heavy use of cart header fields? (1998)