Software, your way.
How To Get Good Custom Software
(Download)
(PDF)
burger menu icon
WillMaster

WillMasterBlog > Content Protection

FREE! Coding tips, tricks, and treasures.

Possibilities weekly ezine

Get the weekly email website developers read:

 

Your email address

name@example.com
YES! Send Possibilities every week!

Login Security

With active password sniffing expected at public WiiFi spots, secure login is the responsible thing. Provide a secure form for your users so only encrypted text transits from your user's computer to your server. (And don't store passwords in cookies.)

Once a password is compromised, not only does the cracker gain access to the user's account at your website, but also at all other accounts on the internet the user has with the same password.

It could be argued that users are responsible for using a different password at every website. But I think it more fitting as a site owner to acknowledge the reality that some people, perhaps many, use the same password in more than one place.

With the login form on a secure page, the user's browser can report that the page is secure. But that is not what provides the login security.

What provides the login security is the form submitting to an https://... secure URL, to software located on a secure server. It is the submission of the username and password that needs the encryption provided by the secure server SSL connection.

For additional security, an account lockout of 2 hours could be implemented whenever more than 5 incorrect login attempts occur during a period of 15 minutes. Or whatever numbers are best for your implementation. The lockout can prevent continuous brute force password guessing attempts.

For security, login forms need to submit to login software on a secure server.

Will Bontrager

Was this blog post helpful to you?
(anonymous form)

Support This Website

Some of our support is from people like you who see the value of all that's offered for FREE at this website.

"Yes, let me contribute."

Amount (USD):

Tap to Choose
Contribution
Method

All information in WillMaster Blog articles is presented AS-IS.

We only suggest and recommend what we believe is of value. As remuneration for the time and research involved to provide quality links, we generally use affiliate links when we can. Whenever we link to something not our own, you should assume they are affiliate links or that we benefit in some way.

Recent Articles in the Library

Simple 2-Column Flex Code Generator

This generator is intended to provide copy-and-paste code for use where 2 flex columns are desired.

Preventing Line Breaks

Three ways to prevent a browser from inserting its own line breaks.

Keeping Image Location Secret

The URL of an image embedded in a web page may be kept secret.

Easier Reading of JSON Data

For easier reading of JSON data, convert the JSON into an array.

Fixed Position Image

Position an image within a browser window that won't move even with page scroll.

Visually Centering Images

Sometimes an image that is technically centered doesn't look quite centered when viewed.

Cookie Directory Protection

Protecting subdirectories with a cookie can be an especially good method when access needs to be allowed from various internet connections.

How Can We Help You? balloons
How Can We Help You?
bullet Custom Programming
bullet Ready-Made Software
bullet Technical Support
bullet Possibilities Newsletter
bullet Website "How-To" Info
bullet Useful Information List

Blog Article Categories

© 1998-2001 William and Mari Bontrager
© 2001-2011 Bontrager Connection, LLC
© 2011-2024 Will Bontrager Software LLC