-100 for captcha. I detest it and will never use it myself. I'd rather deal with a little spam than inflict it on my users. I'm almost routing for the spammers in this case, if it's no longer effective, there won't be as much incentive to use it and I won't have to run into it all the time myself. And my vision is fairly good too!
+3 for cfformprotect, I use that in my software and it really does the job, without bothering the user. I'm sure the spammers could work around what it checks for, but since it's not widely used, it's not been a problem. Hacking login accounts.... I generally just allow so many failures before locking the account for some length of time. Generally a regular user is either going to already be logged in by that point, or they give up after 3 or 4 failed tries and request a new password. On the very rare occasion that someone gets locked out and really needs to get through, there's an admin function to unlock the account and reset the counter. --- Mary Jo Sminkey Author of CFWebstore, ColdFusion Ecommerce http://www.cfwebstore.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;160198600;22374440;w Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:298740 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
