"Doug Detchon" <ddetchon1@meo.rr.com> wrote in message
news:BfEId.48668$re1.34751@fe2.columbus.rr.com...
> Currently I'm trying to make a page and I want to encode it with a log in
> that requires a password. Can anyone give me some tips on how to
> accomplish
> this or what langs should look into to develop this.
1) Use server-side, not client-side methods to perform this. You can use any
server-side language you want.
2) If this login area contains anything that's truly private (such as
personal/ financial info) you need to encrypt the passwords in the database
(and of course the personal info as well)
3) Provide informative error messages during validation of the login info.
Don't just say "you screwed up". If they screwed up their username, tell
them. If they screwed up the password, tell them.
4) Be sure to provide some method of password/ username retrieval. Believe
me, you don't want to deal with countless emails by morons who can't
remember their login details.
5) Do not use the users' email address as their username. People change
their addresses.
--
-Karl Core
Please Support "Project Boneyard":
http://www.insurgence.net/info.aspx?action=band&item=boneyard
|
|
