Bill, I agree with "locks only keep honest people honest." On one level, I am ok with that. However, I really wish there was a way to get some machine specific information to do this. I suppose it creates privacy problems etc, and even that could be masqueraded I suppose.
Any other ideas? Mark On 3/22/05 9:58 AM, "Bill Conlon" <[EMAIL PROTECTED]> wrote: > This is along the lines of "locks only keep honest people honest". > There is no reason that the persistent cookie, stored in a file on the > PC, can't be stolen or transferred to another system. > > > On Tuesday, March 22, 2005, at 09:28 AM, Chris Millet wrote: > >> We did this by simply using a cookie. A cookie is set during the first >> session, and then each subsequent session requires username, password >> and cookie to enter the site. The cookie restricts access not only to >> a single PC, but to a single browser as well. >> >> The important thing is to notify the users about the restricted access >> ahead of time and give instructions on what to do if a problem occurs. >> When a problem does occur, the users simply sends a request to reset >> their account. This provides a way to monitor potential suspicious >> activity. So far it has worked very well, and only a couple of resets >> are required a month for a base of about 1,000 users. >> >> Chris >> >> >> On Mar 22, 2005, at 10:50 AM, Mark Weiss wrote: >> >>> Hi, >>> >>> I am about to deploy a system for B 2 B ordering. Does anyone know of >>> a way, >>> to set up user accounts from the customers desktop and capture some >>> unique >>> identifier from his PC so that in the future, if someone tried to log >>> in >>> using their username/password from another desktop, it would not work? >>> >>> I don't mean to be too paranoid. Just wanting to lock things down as >>> much as >>> is possible to protect us and protect the customer's information. >>> >>> Running Witango on OSX Panther Server, 10.3.8. Witango 5.5. Apache >>> 1.3. >>> >>> ( And thanks to Robert Garcia, we have not experienced a single crash >>> at >>> this point after 2 months. Not a high volume site though, but so far >>> fast >>> and reliable. We have a date handling anomaly that I think is a >>> witango >>> issue, but other than that life is good. ) >>> >>> Mark Weiss >>> >>> >>> >>> ______________________________________________________________________ >>> __ >>> TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf >>> >> >> _______________________________________________________________________ >> _ >> TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf >> > > ________________________________________________________________________ > TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf > ________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
