At 2:29 PM -0400 5/19/11, Alex Nikitin wrote:
> I will try to respond to the original question.
> Note: this is constructive criticism, so I won't do much in terms of praising
> the good parts.
> It works, it's very primitive, in some ways it's pretty insecure. For example,
> it provides no session hijacking protection; it's not written with the
> better of standards in mind. For one, if you do store your password in code,
> you shouldn't store your password in clear text; that way, if say I was able
> to bypass PHP execution and dumped that file out, I would still not have a
> usable password, so use a hash. There is no timing out or attempt
> management; for example, I can write a 5-line-long brute script that will
> just pound your script with user ids and passwords. You should make it at
> least somewhat difficult for me to do that ;)
I agree, if I were creating a more secure script.
I have scripts where the user enters a user id and password and the
password is immediately hashed and stored in a database. The next
time in, the user's input password is hashed again and compared with
the stored encrypted password. That way the raw password is never
stored anywhere. I even have people who ask me "Look at your records
and tell me what's my password?" and I say that I can't answer them
because the data has been one-way hashed. Instead, I have them use
the "forgot password" routines.
I also have a script that monitors how many times a user (via their
IP) tries to log on and restricts those attempts to a certain number
of times within a time limit.
As for XSS, I'm not sure as to what the exposure is because I am not
putting questionable data into the HTML document. Rather, the
questionable data is compared to known data -- if there is a match
then the user is allowed to continue -- if not, it fails. I don't use
the user's data for anything other than that.
If there is more to consider here, I would like to hear about it.
In any event, for me to consider all those points and also make the
demo simple enough for a novice user would be very difficult.
I would like to introduce to the novice a way to "protect" their
pages. But if I make it too complicated, then they simply won't
understand.
It is obvious that I should also tell the user that this is NOT the
most secure way to make things private and that there are other
security concerns.
What say you?
Cheers,
tedd
--
-------
http://sperling.com/
--
PHP General Mailing List (http://www.php.net/)
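Added example, not code from tedd's demo script or from Alex's reply: a small PHP login check along the lines tedd describes above (store only a one-way hash, hash the submitted password again and compare, and cap failed attempts per client IP within a time window), with a fresh session id issued on success as a nod to the session-hijacking point. Assumptions not taken from the thread: PHP 7.4 or later; `password_hash()`/`password_verify()` rather than whatever hash tedd's own scripts use; an in-memory array standing in for the database; a JSON file at a placeholder path holding the attempt log; a limit of 5 failures per 15 minutes; every function and constant name here is illustrative.

```php
<?php
// Added example (not tedd's or Alex's code). Assumptions: PHP >= 7.4,
// credentials in an array instead of a database, attempt log in a JSON
// file at a placeholder path, 5 failures per 15-minute window.

const MAX_ATTEMPTS   = 5;
const WINDOW_SECONDS = 900;
const ATTEMPT_STORE  = __DIR__ . '/login_attempts.json'; // placeholder path

// Run once when the account is created; only the returned hash is stored.
// password_hash() picks a random salt and uses bcrypt with PASSWORD_DEFAULT.
function make_stored_hash(string $password): string {
    return password_hash($password, PASSWORD_DEFAULT);
}

// Constructed user table: user id => stored hash. The plaintext is never kept.
function user_table(): array {
    static $table = null;
    if ($table === null) {
        $table = ['demo' => make_stored_hash('correct horse battery staple')];
    }
    return $table;
}

// A hash of an unused password, verified against when the user id is unknown,
// so a lookup miss costs the same time as a real comparison.
function dummy_hash(): string {
    static $h = null;
    return $h ??= make_stored_hash(bin2hex(random_bytes(16)));
}

function load_attempts(): array {
    if (!is_file(ATTEMPT_STORE)) {
        return [];
    }
    $data = json_decode((string) file_get_contents(ATTEMPT_STORE), true);
    return is_array($data) ? $data : [];
}

function save_attempts(array $attempts): void {
    file_put_contents(ATTEMPT_STORE, json_encode($attempts), LOCK_EX);
}

// Failure timestamps for this IP that still fall inside the window.
function recent_failures(array $attempts, string $ip, int $now): array {
    $cutoff = $now - WINDOW_SECONDS;
    return array_values(array_filter($attempts[$ip] ?? [], fn($t) => $t > $cutoff));
}

function is_throttled(string $ip, int $now): bool {
    return count(recent_failures(load_attempts(), $ip, $now)) >= MAX_ATTEMPTS;
}

function record_failure(string $ip, int $now): void {
    $attempts = load_attempts();
    $recent = recent_failures($attempts, $ip, $now);
    $recent[] = $now;
    $attempts[$ip] = $recent;
    save_attempts($attempts);
}

function clear_failures(string $ip): void {
    $attempts = load_attempts();
    unset($attempts[$ip]);
    save_attempts($attempts);
}

// Returns 'throttled', 'denied' or 'ok'. The throttle check comes first so a
// brute-force run is cut off before any password comparison happens.
function attempt_login(string $userId, string $password, string $ip, int $now): string {
    if (is_throttled($ip, $now)) {
        return 'throttled';
    }
    $users = user_table();
    $known = isset($users[$userId]);
    $hash  = $known ? $users[$userId] : dummy_hash();
    // password_verify() re-hashes the submitted password with the stored salt
    // and compares in constant time; the plaintext is discarded afterwards.
    if (password_verify($password, $hash) && $known) {
        clear_failures($ip);
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true); // new session id after authentication
            $_SESSION['user'] = $userId;
        }
        return 'ok';
    }
    record_failure($ip, $now);
    return 'denied';
}

// Command-line demo on constructed input: one wrong guess, five more wrong
// guesses, then the right password from the same and from a different IP.
if (PHP_SAPI === 'cli') {
    @unlink(ATTEMPT_STORE); // start from an empty attempt log
    $now = time();
    echo attempt_login('demo', 'wrong', '203.0.113.5', $now), "\n";
    for ($i = 0; $i < MAX_ATTEMPTS; $i++) {
        attempt_login('demo', 'wrong', '203.0.113.5', $now);
    }
    echo attempt_login('demo', 'correct horse battery staple', '203.0.113.5', $now), "\n";
    echo attempt_login('demo', 'correct horse battery staple', '198.51.100.7', $now), "\n";
}
```

Run with `php login_demo.php` (any file name); the first line is the denied guess, the second is the same IP being throttled even though it now submits the right password, and the third is the other IP succeeding. Keying the throttle on the client IP has the limitation tedd's own scheme shares: users behind one NAT gateway share a counter, and an attacker with many addresses gets a fresh counter each time, so a per-account counter alongside the per-IP one is the usual next step.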