right, I shoulda added that, I was assuming the user had a previously bought access to the site via cc or checking account #, in which case that number would become their username. Or an addition way would to use a regular username and password and also store their signup IP and compare it at login and if the IP is different then ask for the cc# before proceding. Does that make any kind of rational sense?
---------------------------------------- From: "Michael T. Tangorre" <[EMAIL PROTECTED]> Sent: Saturday, April 23, 2005 8:01 PM To: CF-Talk <[email protected]> Subject: RE: login issues > From: dave [mailto:[EMAIL PROTECTED] > Maybe use their cc # or checking account # as their username > (securely of course) because they cant fake that and it's > highly doubtful they will pass that # around to their friends. You can fake it. I can generate you any valid credit card number you want. Whether you can place a temporary authorization on it or not is another story. Unless the site does real time authorization and bulk final processing or just stores the info to manually run at a later time affects how useful just a CC# is. I think the best approach would be to have the username be the CC# (hashed of course) and the user's account does not become active until the card can be charged successfully. Mike ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:204136 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
