I like this last one but would it be easier to use IFRAMES instead of making someone click through.. less work for the end-user is always better. Just INCLUDE it or something to get the Private=1/Encoded=2 part I suppose.
Joshua "Peter Cooper" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Agree with Bill that the only "secure" way is to use https - this > secures the comms on the wire > > There is another way that will provide medium secutrity > > make a welcome.csp that starts the session - click logon and this > takes you to a logon page with > Private=1 > Encoded=2 > This will stop anybody easily trying to hack the login page > > plus disabling login after so many failed attempts > plus using some sort of IP security that only allows logon from known > IP addresses > > You also need to take all the steps covered in George James's security > presentation > > Peter >
