Beefy Boxes and Bandwidth Generously Provided by pair Networks
Just another Perl shrine

Re: Security in CGI and User Authentication

by Chady (Priest)
on Dec 04, 2002 at 08:01 UTC ( #217430=note: print w/ replies, xml ) Need Help??

in reply to Security in CGI and User Authentication

it doesn't matter much here, but I once used a cookie-less login.

I had a site to do for matching couples, the whole thing was for one event only. so I had a set of usernames/passwords (500 to be exact) and was to do the questions part as a website ( the matching had to be done on the spot at the party ).

anyways, I didn't want to log people in and out using cookies, and security wasn't much of a big deal in this particular project, so I hashed the username+password with MD5 and put the hash in the database along with a field for the number of questions they have answered.

on each hit, I sent the hash as a hidden field, then on submit I checked the number of questions and the hash, and knew what user is logged in. It proved to be pretty effective.

He who asks will be a fool for five minutes, but he who doesn't ask will remain a fool for life.

Chady |

Comment on Re: Security in CGI and User Authentication

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://217430]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others studying the Monastery: (5)
As of 2015-11-26 00:16 GMT
Find Nodes?
    Voting Booth?

    What would be the most significant thing to happen if a rope (or wire) tied the Earth and the Moon together?

    Results (693 votes), past polls