 |
 |
Find a programming school near you
php3-list | 200003
Date: 03/03/00
- Next message: Damien Mc Kenna: "Re: [PHP3] PHP on NT vs Linux/Unix"
- Previous message: James R. Edgar: "RE: [PHP3] PHP on NT vs Linux/Unix"
- In reply to: Greg Brunet: "Re: [PHP3] Passwords in clear text"
- Next in thread: Greg Brunet: "Re: [PHP3] Passwords in clear text"
- Reply: Greg Brunet: "Re: [PHP3] Passwords in clear text"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
: k
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
On Thu, 2 Mar 2000, Greg Brunet wrote:
> I'd love for this to work, but what's to keep Eve from just snarfing both
> the random number AND H3, then faking the login script as you described in
> the first scenario. The server gets back the same stuff as from a valid user
The random number changes on every transaction, H3 is useless to Eve.
> From: "Aidan Skinner" <aidan <email protected>>
> > Generate a random number in your login form everytime it's called.
- Aidan
-- http://www.skinner.demon.co.uk/aidan/ Currently looking for work: CV available on request.-- PHP 3 Mailing List <http://www.php.net/> To unsubscribe, send an empty message to php3-unsubscribe <email protected> To subscribe to the digest, e-mail: php3-digest-subscribe <email protected> To search the mailing list archive, go to: http://www.php.net/mailsearch.php3 To contact the list administrators, e-mail: php-list-admin <email protected>
- Next message: Damien Mc Kenna: "Re: [PHP3] PHP on NT vs Linux/Unix"
- Previous message: James R. Edgar: "RE: [PHP3] PHP on NT vs Linux/Unix"
- In reply to: Greg Brunet: "Re: [PHP3] Passwords in clear text"
- Next in thread: Greg Brunet: "Re: [PHP3] Passwords in clear text"
- Reply: Greg Brunet: "Re: [PHP3] Passwords in clear text"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
