Re: A Review Request

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



At 2:29 PM -0400 5/19/11, Alex Nikitin wrote:
I will try to respond to the original question.

Note: this is constructive criticism, so i wont do much in terms of praising
the good parts

It works, its very primitive, in some ways its pretty insecure, for example
it provides no session hijacking protection, it's not written with the
better of standards in mind, for one if you do store your password in code,
you shouldn't store your password in clear text, that way if say i was able
to bypass php execution and dumped that file out, i would still not have a
useable password, so use a hash. There is no timing out or attempt
management, for example i can write a 5 line-long brute script that will
just pound your script with user ids and passwords, you should make it at
least somewhat difficult for me to do that ;)

I agree if I was creating a more secure script.

I have scripts where the user enters a user id and password and the password is immediately hashed and stored in a database. The next time in, the user's input password is hashed again and compared with the stored encrypted password. That way the raw password is never stored anywhere. I even have people who ask me "Look at your records and tell me what's my password?" and I say that I can't answer them because the data has been one-way hashed. Instead, I have them use the "forgot password" routines.

I also have a script that monitors how many times a user (via their IP) tries to log on and restricts those attempts to a certain number of times within a time limit.

As for XXS, I'm not sure as to what the exposure is because I am not putting questionable data into the HTML document. Rather, the questionable data is compared to known data -- if there is a match then the user is allowed to continue -- if not, it fails. I don't use the user's data for anything other than that.

If there is more to consider here, I would like to hear about it.

In any event, for me to consider all those points and also make the demo simple enough for a novice user would be very difficult.

I would like to introduce to the novice a way to "protect" their pages. But if I make it too complicated, then they simply won't understand.

It is obvious that I should also tell the user that this is NOT the most secure way to make things private and that there are other security concerns.

What say you?

Cheers,

tedd


--
-------
http://sperling.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux