Beefy Boxes and Bandwidth Generously Provided by pair Networks
Don't ask to ask, just ask
 
PerlMonks  

Re: Security in CGI and User Authentication

by Chady (Priest)
on Dec 04, 2002 at 08:01 UTC ( #217430=note: print w/ replies, xml ) Need Help??


in reply to Security in CGI and User Authentication

it doesn't matter much here, but I once used a cookie-less login.

I had a site to do for matching couples, the whole thing was for one event only. so I had a set of usernames/passwords (500 to be exact) and was to do the questions part as a website ( the matching had to be done on the spot at the party ).

anyways, I didn't want to log people in and out using cookies, and security wasn't much of a big deal in this particular project, so I hashed the username+password with MD5 and put the hash in the database along with a field for the number of questions they have answered.

on each hit, I sent the hash as a hidden field, then on submit I checked the number of questions and the hash, and knew what user is logged in. It proved to be pretty effective.


He who asks will be a fool for five minutes, but he who doesn't ask will remain a fool for life.

Chady | http://chady.net/


Comment on Re: Security in CGI and User Authentication

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://217430]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others chilling in the Monastery: (7)
As of 2014-09-21 06:59 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    How do you remember the number of days in each month?











    Results (167 votes), past polls