Beefy Boxes and Bandwidth Generously Provided by pair Networks
more useful options
 
PerlMonks  

Re: Webpage Logins

by nysus (Parson)
on Apr 12, 2001 at 23:29 UTC ( #72157=note: print w/replies, xml ) Need Help??


in reply to Webpage Logins

I'm new to Perl as well and just finished writing a similar kind of script. My script asks for the password and merely passes it back to the same script and checks it against an unencoded password file. All subsequent browser/server transactions place the password into a hidden field to maintain user session continuity.

Is this lock tight security? Absolutely not. But my point here is not so much to offer you a solution, but to remind you that there's no need buying a $2000 alarm system for your Ford Pinto, right? Most likely, no one will trouble themselves trying to capture my password with a packet sniffer. Even if they did, they couldn't cause any significant damage because my data just isn't that valuable and its no problem replacing it with my backup files. I know there are some purists out there who would disagree but they are probably security experts and have an agenda of paranoia to push. :-)

As far as specific advice for your script, I would say be careful of using IP addresses as a way to verify a user. AOL user's IP addresses can change from page to page.

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://72157]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others scrutinizing the Monastery: (3)
As of 2022-01-21 21:32 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    In 2022, my preferred method to securely store passwords is:












    Results (59 votes). Check out past polls.

    Notices?