Beauregard T. Shagnasty wrote:
Phillip Jones wrote:
Beauregard T. Shagnasty wrote:
Phillip Jones wrote:
Beauregard T. Shagnasty wrote:
So what is "Googel" going to do with your association members'
names? Steal their bank accounts?
If Google owns and knows the captcha database, then it will be
easy to bypass the captcha and get private information. For example
I want to be able to put a membership list of the members of the
association: names, business names, addresses, Phones, emails for
the members to view. Now because Google owns the best Captcha
software company there is out there, there now, no secure method of
doing so.
You need to explain how you were planning on using a CAPTCHA image
on the association's login page. Does it not already have a user
name and a password assigned to each member? How will a distorted
image give Google the user's password?
I have a site with exactly what you state you want to do. It's for a
club. There is a Members Only portion of the site, and nobody can
enter it without knowing a user's name and individual password. What
good would a CAPTCHA do for a page like that? Did you ever have to
enter a CAPTCHA value when you log into your bank's pages for your
account details?
If you are *not* using name and password access, it's your fault if
the private information is compromised.
Google, nor any other search engine, cannot access my site.
there are sections of website the association wants everyone to see.
Great. The public part of the web site.
But then there would be one section the Members-Only section should
be hidden from view of Google and other items such as Yahoo ,
Altavista an so on.
Yeah, search engines. Great. What about non-members?
using a Captcha does the same thing as using a username and password
without the need for such and until Google bought the leading
captcha software developer, It was as secure as having a user name
and password.
Thanks for proving you don't know what a CAPTCHA is - or how to design a
secure web site.
In captcha you are required Type a series of letters or numbers that
have been altered to make them difficult to read Only when the are
correctly entered are you able to on continue on.
It's a Turing test [1]. Are you a human or a robot? Unfortunately,
CAPTCHA images have been cracked by bots. They are no longer secure.
They will not keep out the general public, so what made you think you
would have a private, members only section accessible only to the
members? If any human on the planet goes to your entry page they can
interpret the distorted image and gain access to your 'private'
information.
What happens if one of your members sends the link of the interior page
where your association members are listed? Will random access to that
page redirect them back to the 'login' page?
You *need* a username and password to keep - not only Google - but the
_general public_ out of your private pages. And each and every single
page inside the members-only section has to check and see if the user is
logged in. Otherwise, it needs to send them to members/login.
You should tell your association that you don't understand or know how
to write a private web site.
[1. Did you have to look that up? ]
If I have to put in a User Name /password system will for that page.
--
Phillip M. Jones, C.E.T. "If it's Fixed, Don't Break it"
http://www.phillipmjones.net/ mailto:pjon...@kimbanet.com
_______________________________________________
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey
