Re: A Letter to the Authors of Web Authentication Libraries

On Sat, May 2, 2009 at 11:27 PM, Paul Johnston wrote: > However, the use of JavaScript MD5 is not widespread. I think this is > because few authentication libraries support it. It is possible for a > library to provide JavaScript MD5 as an authentication mechanism, with > the

Re: A Letter to the Authors of Web Authentication Libraries

Is there a fallback to normal auth possible if js is not running? I like the idea, but preventing someone who doesn't have js enabled to register/auth is pretty harsh. On Sun, May 3, 2009 at 6:27 AM, Paul Johnston wrote: > > Hi, > > Many web sites have a user name and

A Letter to the Authors of Web Authentication Libraries

Hi, Many web sites have a user name and password login system, and do not use SSL. As a consequence, users' passwords are transmitted over the internet unencrypted. This puts them at risk, particularly if the user is on a shared ethernet segment, or open wireless network. For many years I have

dict over DSN; mixing bound/unbound fields; ManyToMany for create view

I'm new to this list so sorry if this post is perceived as spam. Multi-DB: I prefer dict to DSN because it raises the abstraction beyond cryptic syntax. It is great that django allows mixing bound/unbound fields in a ModelForm. I'm using an unbound field as a CAPTCHA. I'm interested in hearing

Re: Multi-DB Update

On May 2, 12:19 am, Malcolm Tredinnick wrote: > I'd prefer dictionaries to strings, because strings are tough to modify > dynamically -- as has already been demonstrated a few times in Django's > history. That's a pretty strong argument in favour of dictionaries - in