[Phpwm] Security Feature

David Goodwin david at codepoets.co.uk
Fri Mar 23 15:05:32 GMT 2007

Matt McConnochie wrote:
> Ok so i am keen to incorporate an additional security function for our 
> website and wondered if anyone knew the best way to achieve the desired 
> results.
> What i want is for a random generated number to appear that needs to be 
> entered before a user can finalise their details.
> I have seen this done (cant for the life of me remember where - maybe 
> ebay or myspace(???) )
> Any thoughts or help greatly appreciated

If you're a relatively small site, you may be better off just asking for 
a trivial question to be answered correctly before submission can take 
place - e.g. 2+2 = ? As long as you store the answer in the session, and 
then just compare the session value with what was in the form.

I did come across a good idea a year or so ago where a user would click 
on different spots on an large-ish image, and where the clicks occurred 
was used as a means of authentication.
e.g click on 5 different places on a picture of a street like on a car, 
some blonde's head, a telegraph pole etc etc... and the combination 
becomes unique (as you're not likely to pick the same spots as someone 
else). It probably had a +/- 5 pixel boundary around where you had 
clicked to allow you to get your password right in the future ;)
(I can't remember the url of the site now)


David Goodwin

[ david at codepoets dot co dot uk ]
[ http://www.codepoets.co.uk       ]

More information about the Phpwm mailing list