Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: logins and passwords

  • Subject: Re: logins and passwords
  • From: "Karl Core" <karl@NOSPAMkarlcore.com>
  • Date: Sun, 23 Jan 2005 01:16:57 -0500
  • Newsgroups: alt.html
  • Organization: CompuServe Interactive Services
  • References: <BfEId.48668$re1.34751@fe2.columbus.rr.com>
  • Xref: news.mcc.ac.uk alt.html:278320
"Doug Detchon" <ddetchon1@meo.rr.com> wrote in message 
> Currently I'm trying to make a page and I want to encode it with a log in
> that requires a password. Can anyone give me some tips on how to 
> accomplish
> this or what langs should look into to develop this.

1) Use server-side, not client-side methods to perform this. You can use any 
server-side language you want.
2) If this login area contains anything that's truly private (such as 
personal/ financial info) you need to encrypt the passwords in the database 
(and of course the personal info as well)
3) Provide informative error messages during validation of the login info. 
Don't just say "you screwed up". If they screwed up their username, tell 
them. If they screwed up the password, tell them.
4) Be sure to provide some method of password/ username retrieval. Believe 
me, you don't want to deal with countless emails by morons who can't 
remember their login details.
5) Do not use the users' email address as their username. People change 
their addresses.

-Karl Core
Please Support "Project Boneyard":

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index