Re: password authentication schemes
This WebDNA talk-list message is from 2003
It keeps the original formatting.
numero = 47066
interpreted = N
texte = There is a forms replacement for Authenticate -- look in your globalsdirectory for AuthenticateChecker.old - remove the .old and restart... Allthe authenticate dialog will be forms...On 1/22/03 8:29 AM, Terry Wilson
wrote:> My problem is password hackers pounding the server with user/pass> pairs and IP spoofing that thwarts NetBarrier. I'm finally fed up> with it.> > I've been using standard browser authentication with a group checker> include (has [authenticate] tag and a series of showifs based on a> lookup into my siteusers.db -- current, expired, pending, problem,> etc.). I want to switch to a form-based login system using session> cookies instead, and get away from browser authentication altogether.> My thinking is that this would require an actual human touching the> keyboard and these nuisance kiddies wouldn't be able to run automated> scripts. Maybe I'd include a radio button choice they'd have to click.> > They would have a login page, then protected pages would still have> the groupchecker include, but grabbing their username from> [getcookie] instead of [authenticate].> > Is anyone doing anything like this; is my line of thinking correct,> and any caveats before I start making major changes?> > Anyone else running paysites with similar problems and would like to> share concerns, please feel free to email me privately.> > iMac / Sys 9.2 / Web* 4.5 /WebCat 3> > Terry> Jay Van Vark'Guiding Positive Change in High-Tech Companies'one box voicemail (866) 248-7670 x 6471efax (801) 659-7952-- Great tool for advertising bid optimization, check out:http://www.Promote4Less.com-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Associated Messages, from the most recent to the oldest:
There is a forms replacement for Authenticate -- look in your globalsdirectory for AuthenticateChecker.old - remove the .old and restart... Allthe authenticate dialog will be forms...On 1/22/03 8:29 AM, Terry Wilson wrote:> My problem is password hackers pounding the server with user/pass> pairs and IP spoofing that thwarts NetBarrier. I'm finally fed up> with it.> > I've been using standard browser authentication with a group checker> include (has [authenticate] tag and a series of showifs based on a> lookup into my siteusers.db -- current, expired, pending, problem,> etc.). I want to switch to a form-based login system using session> cookies instead, and get away from browser authentication altogether.> My thinking is that this would require an actual human touching the> keyboard and these nuisance kiddies wouldn't be able to run automated> scripts. Maybe I'd include a radio button choice they'd have to click.> > They would have a login page, then protected pages would still have> the groupchecker include, but grabbing their username from> [getcookie] instead of [authenticate].> > Is anyone doing anything like this; is my line of thinking correct,> and any caveats before I start making major changes?> > Anyone else running paysites with similar problems and would like to> share concerns, please feel free to email me privately.> > iMac / Sys 9.2 / Web* 4.5 /WebCat 3> > Terry> Jay Van Vark'Guiding Positive Change in High-Tech Companies'one box voicemail (866) 248-7670 x 6471efax (801) 659-7952-- Great tool for advertising bid optimization, check out:http://www.Promote4Less.com-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Jay Van Vark
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
The beginning (1997)
[WebDNA] Sorry WebDNA not running message (2019)
in conversions.db crashes unix webcat (1999)
RH 8.0 (2002)
Bit off subject -- Faxing orders (1997)
Error with [applescript] (1999)
Multi-Row Tables from a search. (1997)
Need Sample Template - just purchased (1997)
Only charge card when product shipped ? (1997)
Banners (1997)
Nested vs conditional (1997)
WebCat2b13MacPlugIn - [showif][search][/showif] (1997)
taxrate - off by 1 cent (1997)
Line Endings (2003)
WebDNA 4.5.1 Now Available (2003)
WCS Newbie question (1997)
GuestBook example (1997)
StoreBuilder ADD 2 CART redirects to default.tpl - PLEASESTOP THIS! (2002)
Can WC remember people? (1998)
WebCat2 Append problem (B14Macacgi) (1997)