client side certs are the most secure way. WG
-----Original Message----- From: Paul Giesenhagen [mailto:[EMAIL PROTECTED]] Sent: 05 February 2003 19:54 To: CF-Talk Subject: OT Best Practice User Validating We have a sensitive site that requires that we know WHO is on the site and that the information that have given us is valid. I know the best way to accomplish this would be to phone verify each person, but this is labor intensive and cost prohibitive. Currently our system requires that the system assigns the password and sends the password via email to the member. This is ok, but it is so easy for people to get hotmail accounts that it isn't the best way. What are some of the ways that you all have used to validate/verify a user and who they are?! Thanks for the help Paul Giesenhagen QuillDesign ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
