Have a look at my post called "for the security minded web developer -
secure way to login?". It seems like a similar idea with less overhead.
Regards,
Tim
Tim-Hinnerk Heuer
http://www.ihostnz.com
Joan Rivers - "Never floss with a stranger."
2009/2/14 Virgilio Quilario
> > I have secured the
> I have secured the login form for my CMS with a challenge-response thing
> that encrypts both username and password with the
> (login-attempts-counted) challenge (and; here's my problem: a system
> hash) sent by the server (it would end up in your html as a hidden
> inputs, or as part of a json t
2 matches
Mail list logo