[Typo3-dev] For Kasper: ses_iplock and alternative authenticacion extensions
Juergen Egeling
egeling at punkt.de
Thu Apr 8 14:36:39 CEST 2004
* Kasper Skårhøj <kasper at typo3.com> [040408 11:46]:
> user is logged in from "192.168.1.10" we store and check for only
> "192.168" and nothing more.
IMHO might lead too much to a security problem. What do you
want to achive? Nail down one machine? -> User has to have a
unique IP address.
Nail down one user? Try to make an MD5 checksum from what the
browser tells you: Version, Language used, Operating system used, ...
If this changed, tell the user after login, ...
If User/PW is not enough.
regards
Juergen
--
punkt.de GmbH Internet-Dienstleistungen-Beratung
Vorholzstr. 25 Tel.: 0721 9109-0 Fax: -100
76137 Karlsruhe info at punkt.de http://punkt.de/
More information about the TYPO3-dev
mailing list