Re: [twsocket] Login scenario, what do you think
Sease, Darin E. wrote: I have set up a login scenario that goes as follows. Once client receives notification of a connection from the server it sends server a 'login name' command. The server challenges the client by sending client a word/phrase (w/p). Client must encrypt the w/p and send back to server. Server will then compare encrypted w/p from client with its own encrypted version of w/p. If match, then complete login. What do you think? Are there better code examples out there that I could make use of? I would not use a home-grown authentication but some well known method instead. For example CRAM-MD5 or Digest authentication. -- Arno Garrels Darin Sease Building Systems Analyst Syracuse City School District PH: 315 435 4292 E: [EMAIL PROTECTED] -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Login scenario, what do you think
Are there better code examples out there that I could make use of? The ICS FTP client and server do this using One Time Passwords which is an internet standard, you can borrow the code from them, specifically the unit OverbyteIcsOneTimePw.pas and the demo program for it, OverbyteIcsOneTimePassword. There is an explantion of the handshaking at the top of the unit. Angus -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be