Thanks Andrew
Yes currently the platforms are WIndows server and Windows workstations although we would like to allow non-windows workstations.
We do not want to use Active Directory as that is too open and would allow the potential for IT staff for example to be able to log on. Having been an IT manager I am aware how insecure userid/password authentication is in real life where passwords are taped to bottom of keyboards etc. Users regularly tell IT support people their password so they can fix a problem - then immediately the system is insecure. The two passwords are for that reason as well. There are multiple CF applications sharing a password and again the users tend to use the same password for Active Directory as the application, so for the secure application they have to have a second password which they know if they pass on will result in loss of limb or worse :-)
We are also looking at biometric authentication but at this stage server based options are felt to be too expensive.
Mike
On 08/07/2004, at 11:51 AM, Andrew Scott wrote:
Mike,
You may have already thought of this but why multiple passwords and not a
single sign on?
You haven't really said the platforms, but I am assuming that it's a windows
server and windows workstation. If this is the case would it not be more
viable and cost effective to use the Active Directory and the users account
from a domain server.
This way a user could login into any server, and have the same privileges as
the group they belong too.
Regards Andrew Scott Technical Consultant
NuSphere Pty Ltd Level 2/33 Bank Street South Melbourne, Victoria, 3205
Phone: 03 9686 0485 - Fax: 03 9699 7976
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mike Lorimer
Sent: Thursday, 8 July 2004 10:58 AM
To: CFAussie Mailing List
Subject: [cfaussie] Locking to a machine
We have a CF 5 intranet application (shortly to be CFMX 6.1) for managing
highly sensitive information with multiple tiers of protection e.g. multiple
passwords, encryption of data, etc. However we would like to restrict the
users to specific workstations. Has anyone tried authenticating against a
USB or parallel dongle? Ideally the user should be able to move from
machine to machine taking the dongle with them and the CF login routine
would then check for the presence of the dongle.
Does anyone have any suggestions on alternate ways of locking the app to
specific workstations?
Thanks
Mike
Mike Lorimer Teaching & Learning Collective Pty Ltd PO Box 189 DEE WHY NSW 2099 Australia
Ph: 61 2 9451 5228 www.tlcollective.com.au
---
You are currently subscribed to cfaussie as: [EMAIL PROTECTED]
To unsubscribe send a blank email to [EMAIL PROTECTED]
Aussie Macromedia Developers: http://lists.daemon.com.au/
Mike Lorimer Managing Director Teaching & Learning Collective Pty Ltd PO Box 189 DEE WHY NSW 2099 Australia
Ph: 61 2 9451 5228 www.tlcollective.com
--- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] Aussie Macromedia Developers: http://lists.daemon.com.au/
