Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses

Re: Webpage Logins

by nysus (Parson)
on Apr 12, 2001 at 23:29 UTC ( #72157=note: print w/replies, xml ) Need Help??

in reply to Webpage Logins

I'm new to Perl as well and just finished writing a similar kind of script. My script asks for the password and merely passes it back to the same script and checks it against an unencoded password file. All subsequent browser/server transactions place the password into a hidden field to maintain user session continuity.

Is this lock tight security? Absolutely not. But my point here is not so much to offer you a solution, but to remind you that there's no need buying a $2000 alarm system for your Ford Pinto, right? Most likely, no one will trouble themselves trying to capture my password with a packet sniffer. Even if they did, they couldn't cause any significant damage because my data just isn't that valuable and its no problem replacing it with my backup files. I know there are some purists out there who would disagree but they are probably security experts and have an agenda of paranoia to push. :-)

As far as specific advice for your script, I would say be careful of using IP addresses as a way to verify a user. AOL user's IP addresses can change from page to page.

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://72157]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others romping around the Monastery: (2)
As of 2023-01-29 19:22 GMT
Find Nodes?
    Voting Booth?

    No recent polls found