Hello all,
Within all the hassle about the password problems of Community Edition 6.0,
I'm not sure if anyone has time to answer this; but I'd be glad to get some
insights :)
As mentioned in the subject,
what's the best practice to create a login-required iOS app?
Is the below algorithm appropriate?
* get the username & password from the native input boxes
* encrypt them with *md5Digest*
{is md5Digest secure enough or is there any other encryption options for iOS?}
* post them to a php script in the server
* php script checks the md5'ed username & password against the members table in
a mySql database
* get the answer of php script
* if it is ok, continue to the mainstack of app,
if it isn't then show the input screen again.
{should I count the login attempts to prevent a possible brute-force attack
or let the php script do the check counts of login attempts?}
Is there any possible issues which I should be careful about, considering
Apple's reviewing policies?
I read a post of Jacque (Jacqueline L.G.) in the forums as:
"I would also wonder about Apple's response. They do not allow custom licensing
schemes, …"
What's a custom licensing scheme?
There's something as "we should be able to load a license to devices" in my
customer's notes.
May I reply to my customer that Apple strictly forbids this?
Thanks…
~ Ender Nafi
~… together, we're smarter …~
_______________________________________________
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
