Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- logins and passwords
- Doug Detchon
January 23, 2005, 2:48 am
rate this thread
Re: logins and passwords
1) Use server-side, not client-side methods to perform this. You can use any
server-side language you want.
2) If this login area contains anything that's truly private (such as
personal/ financial info) you need to encrypt the passwords in the database
(and of course the personal info as well)
3) Provide informative error messages during validation of the login info.
Don't just say "you screwed up". If they screwed up their username, tell
them. If they screwed up the password, tell them.
4) Be sure to provide some method of password/ username retrieval. Believe
me, you don't want to deal with countless emails by morons who can't
remember their login details.
5) Do not use the users' email address as their username. People change
Please Support "Project Boneyard":