Beefy Boxes and Bandwidth Generously Provided by pair Networks
Think about Loose Coupling
 
PerlMonks  

security suggestion

by cLive ;-) (Prior)
on Aug 23, 2001 at 02:39 UTC ( [id://107180]=monkdiscuss: print w/replies, xml ) Need Help??

Any chance we can add an IP check to our logon (maintained through our personal page)?

With ability to use notation such as "209.55.*.*" to denote subnets etc... just a thought.

cLive ;-)

Replies are listed 'Best First'.
Re: security suggestion
by Maclir (Curate) on Aug 23, 2001 at 06:31 UTC
    Let me ask you a question - Why?

    I can use PerlMonks anywhere - I used it from work and home when in Australia, I use it here now I am in Dallas, and (once I start working), I can use it from there. All different networks - and I love it that way.

    What do you see the advantage being in restricting access

      I would agree with this idea if there were only a way for me to know for sure that I know it would only be ME accessing MY account. That way it wouldn't be so much as a resticting but making it more difficult for crackers to do anything without breaking in my house first :)

      NOTE: 200th post WAHOO!

      $_.=($=+(6<<1));print(chr(my$a=$_));$^H=$_+$_;$_=$^H; print chr($_-39); # Easy but its ok.
Re: security suggestion
by damian1301 (Curate) on Aug 23, 2001 at 06:27 UTC
    I sort of enjoy being able to login from another place...like at school occasionally...maybe there can be another password or soemthing to override this...thoughts?

    $_.=($=+(6<<1));print(chr(my$a=$_));$^H=$_+$_;$_=$^H; print chr($_-39); # Easy but its ok.
Re: security suggestion
by greywolf (Priest) on Aug 23, 2001 at 09:10 UTC
    I use Perl Monks all the time at both work and home.

    Anything less would be very bad.

    mr greywolf
Re: security suggestion
by cLive ;-) (Prior) on Aug 24, 2001 at 03:55 UTC
    Sorry, I should have expanded:
    • why? JavaScript enabled browsers can possibly be manipulated to steal your user cookie.
    • Allow list of acceptable IPs if on more than one fixed IP
    • optional!!!, not mandatory

    I just thought it would improve security a little...

    cLive ;-)

Re: security suggestion
by Aighearach (Initiate) on Aug 24, 2001 at 05:44 UTC
    I think this is a great idea, and most of the concerns can be addressed by storing it in an @rray instead of $caler.
    --
    Snazzy tagline here

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: monkdiscuss [id://107180]
Approved by root
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others having an uproarious good time at the Monastery: (7)
As of 2024-03-28 10:48 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found