Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW

Re: Security in CGI and User Authentication

by Chady (Priest)
on Dec 04, 2002 at 08:01 UTC ( #217430=note: print w/ replies, xml ) Need Help??

in reply to Security in CGI and User Authentication

it doesn't matter much here, but I once used a cookie-less login.

I had a site to do for matching couples, the whole thing was for one event only. so I had a set of usernames/passwords (500 to be exact) and was to do the questions part as a website ( the matching had to be done on the spot at the party ).

anyways, I didn't want to log people in and out using cookies, and security wasn't much of a big deal in this particular project, so I hashed the username+password with MD5 and put the hash in the database along with a field for the number of questions they have answered.

on each hit, I sent the hash as a hidden field, then on submit I checked the number of questions and the hash, and knew what user is logged in. It proved to be pretty effective.

He who asks will be a fool for five minutes, but he who doesn't ask will remain a fool for life.

Chady |

Comment on Re: Security in CGI and User Authentication

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://217430]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others meditating upon the Monastery: (10)
As of 2015-10-09 18:02 GMT
Find Nodes?
    Voting Booth?

    Does Humor Belong in Programming?

    Results (248 votes), past polls