The post should have been with this message: I have used AuthintiX and it is quite nice. I have noticed a web hosting company that offers it with their plans when I was looking for something else. Other things to consider are: 1. Required min. password length, 2. Special characters required within the password, 3. Password case sensitive, 4. Password expiration every 30 days ect., 5. User only allowed to be logged in once, if two users try to sign in using the same user id then blow away the current user session which allows only one user to be logged in, 6. Min. length for the user id.
Chris -----Original Message----- From: Ian Skinner [mailto:[EMAIL PROTECTED]] Sent: Monday, December 30, 2002 5:58 PM To: CF-Talk Subject: User Name/Password Concepts I am writing a User ID/Password login in for a commercial, registered members only type, Internet site. Not adult orientated if you care *S*. I've written simple CF Login functions before, but this current project that is going to require a little more true security then I've dealt with before. I'm asking all the guru's and other experienced CF developers if you can help with some ideas. Basically I want to provide a fairly secure site that doesn't turn away potential users/members/customers. What I'm interested in is comments and ideas on balancing Security verses User Convince. Also, what issues do I need to consider when I'm building this to increase the difficulty to hack my code and/or users logins as much as practical. Would I want to blend other security features in to this (NT Security for example)? Ian Skinner Developer Ilsweb [EMAIL PROTECTED] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm
