[Phpwm] Security Feature
David Goodwin
david at codepoets.co.uk
Fri Mar 23 15:05:32 GMT 2007
Matt McConnochie wrote:
> Ok so i am keen to incorporate an additional security function for our
> website and wondered if anyone knew the best way to achieve the desired
> results.
>
> What i want is for a random generated number to appear that needs to be
> entered before a user can finalise their details.
>
> I have seen this done (cant for the life of me remember where - maybe
> ebay or myspace(???) )
>
> Any thoughts or help greatly appreciated
>
If you're a relatively small site, you may be better off just asking for
a trivial question to be answered correctly before submission can take
place - e.g. 2+2 = ? As long as you store the answer in the session, and
then just compare the session value with what was in the form.
I did come across a good idea a year or so ago where a user would click
on different spots on an large-ish image, and where the clicks occurred
was used as a means of authentication.
e.g click on 5 different places on a picture of a street like on a car,
some blonde's head, a telegraph pole etc etc... and the combination
becomes unique (as you're not likely to pick the same spots as someone
else). It probably had a +/- 5 pixel boundary around where you had
clicked to allow you to get your password right in the future ;)
(I can't remember the url of the site now)
David.
--
David Goodwin
[ david at codepoets dot co dot uk ]
[ http://www.codepoets.co.uk ]
More information about the Phpwm
mailing list