I can't claim to have invented the technique. It's even better if a new hash is passed back every time and replaces the old one (it means that any copies of the old hash will no longer work).
Paul ----- Original Message ----- From: "Jeffry Houser" <[EMAIL PROTECTED]> To: <flexcoders@yahoogroups.com> Sent: Wednesday, December 05, 2007 4:40 PM Subject: Re: [flexcoders] Re: Local storage of password > > I think that's a simple (yet elegant) solution. > I wish I thought of it. > > Paul Andrews wrote: >> ----- Original Message ----- >> From: "Jeffry Houser" <[EMAIL PROTECTED]> >> To: <flexcoders@yahoogroups.com> >> Sent: Wednesday, December 05, 2007 2:22 PM >> Subject: Re: [flexcoders] Re: Local storage of password >> >> >>> That'd be too easy. He stated that he needs to prevent the user from >>> re-entering the password upon their next use of the application. >> >> And it would. User logs in with password. Server passes back hashed >> version >> of user logon+password as a key. Server remembers this key. >> >> Client saves this key locally and passes it through on future accesses. >> Server looks up this key to check it's one it handed out previously. >> >> Still open to abuse though, even if username/password values are still >> secret. >> >> Paul >> > > > > -- > Jeffry Houser, Technical Entrepreneur, Software Developer, Author, > Recording Engineer > AIM: Reboog711 | Phone: 1-203-379-0773 > -- > My Company: <http://www.dot-com-it.com> > My Podcast: <http://www.theflexshow.com> > My Blog: <http://www.jeffryhouser.com> > > > > -- > Flexcoders Mailing List > FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt > Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com > Yahoo! Groups Links > > > > -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/flexcoders/ <*> Your email settings: Individual Email | Traditional <*> To change settings online go to: http://groups.yahoo.com/group/flexcoders/join (Yahoo! ID required) <*> To change settings via email: mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/