Ya know, you could always add a captcha to the login screen as well as the username / password, would stop any mass-login attempt or brute force password crackers.
Chris -----Original Message----- From: Mark Fuqua [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 05, 2008 3:38 PM To: CF-Talk Subject: RE: Secure login system That's pretty smart. -----Original Message----- From: Al Musella, DPM [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 05, 2008 3:35 PM To: CF-Talk Subject: Re: Secure login system the only other thing I would add is a counter of bad log in attempts. if 5 attempts failed, I would lock out the account for a minute. If more than 20 attempts, I lock it out until I reset it. I have one very important page set up so that the user has to log in with the same set of credentials twice. the first time it appears that it didn't work. I tell the users (only a handful of people) they have to do it twice. I figure anyone hacking in will never try the same set teice. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;160198600;22374440;w Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:298262 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
