Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- log in
October 23, 2003, 10:43 pm
rate this thread
I like to make a log in page for my customer so each customer will
have there own user name and password and after they enter them user
name and password they will be taken to the different pages.
What is the secure way to do this.
Re: log in
In a nutshell:
* Run everything over https so its encrypted
* Have the password sent for every page, either using basic authentication,
* Authenticate the password with some process running on the server. The
specifics depend on the features of the server.
 Don't depend on one check and then given them an unprotected URI. That
way leads to allowing the password to be bypassed
David Dorward http://dorward.me.uk /