The Daily Static
  The Daily Static
UF Archives
Register
UF Membership
Ad Free Site
Postcards
Community
Geekfinder
UFie Gear
Advertise on UF
Forum Rules
& FAQ

Username

Password


Create a New Account

  
 

Back to UserFriendly Strip Comments Index
secure web login by dennismv2007-12-26 11:47:50
  If you are going to by Didactylos 2007-12-26 12:28:35
login securely then redirect to a non-secure site, it may be better to use a non-password related identifier for session tracking. Any uuid is suitable.

In this situation, it is probably wise to reauthenticate for any sensitive operations, such as changing the password (which has to be done over SSL, obviously).

If you *don't* have SSL available for login, then it doesn't matter a whole lot *what* you do - it's not secure.
[ Reply ]
    There are a few "secure remote password" protocols by bwkaz2007-12-26 13:29:31

 

[Todays Cartoon Discussion] [News Index]

Come get yer ARS (Account Registration System) Source Code here!
All images, characters, content and text are copyrighted and trademarks of J.D. Frazer except where other ownership applies. Don't do bad things, we have lawyers.
UserFriendly.Org and its operators are not liable for comments or content posted by its visitors, and will cheerfully assist the lawful authorities in hunting down script-kiddies, spammers and other net scum. And if you're really bad, we'll call your mom. (We're not kidding, we've done it before.)