Re: best way to limit # of attempts to login to protected page?

This WebDNA talk-list message is from

2000


It keeps the original formatting.
numero = 35439
interpreted = N
texte = I also am not sure, but assume like you that a formvar overrides an URL-passed value. but even if so, then the would-be-hacker could simply view source code, see the incrementing formvar, and realize he could simply load the login form page fresh to reset the counter...Anup Setty wrote:> I pass the counter value as a formvariable, i.e., when I check for the > username and password, > and if it is wrong, I redirect them to the login page via auto form submit. > I think the formvariable > overrides the value passed through the URL, I'm not sure, you have a good > point there, I will have > to go back and do a test on that, > > anup ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: best way to limit # of attempts to login to protected page? (Anup Setty 2000)
  2. Re: best way to limit # of attempts to login to protected page? (John Butler 2000)
  3. Re: best way to limit # of attempts to login to protected page? (Anup Setty 2000)
  4. Re: best way to limit # of attempts to login to protected page? (John Butler 2000)
  5. Re: best way to limit # of attempts to login to protected page? (Anup Setty 2000)
  6. Re: best way to limit # of attempts to login to protected page? (James Howarth 2000)
  7. best way to limit # of attempts to login to protected page? (John Butler 2000)
I also am not sure, but assume like you that a formvar overrides an URL-passed value. but even if so, then the would-be-hacker could simply view source code, see the incrementing formvar, and realize he could simply load the login form page fresh to reset the counter...Anup Setty wrote:> I pass the counter value as a formvariable, i.e., when I check for the > username and password, > and if it is wrong, I redirect them to the login page via auto form submit. > I think the formvariable > overrides the value passed through the URL, I'm not sure, you have a good > point there, I will have > to go back and do a test on that, > > anup ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ John Butler

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Deleting Orders (1997) Variables for chat (1997) WC Database Format (1997) OFF-TOPIC: Check www.godaddy.com for me ... (2003) [WebDNA] WebDNA on LiveCD ... (2008) Getting Started (2003) Help! WebCat2 bug (1997) What am I missing (1997) WCf2 and nested tags (1997) Error handling for accountNum (1997) find with exceptions (1997) Upcoming 2.1 Release and PCS Committment (1997) [WebDNA] BBEdit WebDNA Configuration.plist (Language Module) (2013) cart (1997) OT: Digger (2007) rotating thumbnails (1997) Quit revisited (1997) WC2b15 File Corruption (1997) SQL statements (2002) More news on 5.0 (2003)