To LUGNET HomepageTo LUGNET News HomepageTo LUGNET Guide Homepage
 Help on Searching
 
Post new message to lugnet.peopleOpen lugnet.people in your NNTP NewsreaderTo LUGNET News Traffic PageSign In (Members)
 People / 1114
1113  |  1115
Subject: 
 Re: Password checks (was: Re: LUGNET Memberships)
Newsgroups: 
 lugnet.people, lugnet.admin.general
Date: 
 Wed, 27 Sep 2000 22:39:16 GMT
Viewed: 
 6671 times
  
In lugnet.people, Kevin Loch writes:
[...]  Also, cookies can be made *much* more difficult than typical
passwords (BrickShelf uses 64 bytes).

I agree!  In a cookie, you can put complete random garbage that only the
authentication server knows how to interpret.  And if certain bits contain
an index, you can even use a one-time pad or other complex mapping to encrypt
the data so that the pw isn't sent back and forth as plaintext.

--Todd



Message is in Reply To:
  Re: Password checks (was: Re: LUGNET Memberships)
 
(...) The BrickShelf uses the cookie returned *and* the ip address that the cookie was issued to for reauthenticate login. Nobody has complained about loosing login yet via multiple proxies (i.e. aol). Also, cookies can be made *much* more difficult (...) (24 years ago, 25-Sep-00, to lugnet.people, lugnet.admin.general)

113 Messages in This Thread:
(Inline display suppressed due to large size. Click Dots below to view.)
Entire Thread on One Page:
Nested:  All | Brief | Compact | Dots
Linear:  All | Brief | Compact
    
Custom Search

©2005 LUGNET. All rights reserved. - hosted by steinbruch.info GbR