limitphp Posted January 28, 2009 Share Posted January 28, 2009 Sessions go away after the browser is closed. So it probably wont help. I guess, what I'm trying to protect against, is someone using some kind of autobot constantly submitting until the password checks out. This is on my myaccount.php page.....so, they would have had to stolen someone's cookie to get there to begin with...and then run the autotry script or whatever.... Quote Link to comment Share on other sites More sharing options...
Sudden Posted January 28, 2009 Share Posted January 28, 2009 Ok...I was thinking storing info in sessions, and then testing it against them later. Which wont work. But your idea seems to be plausable. Quote Link to comment Share on other sites More sharing options...
haku Posted January 29, 2009 Share Posted January 29, 2009 I guess, what I'm trying to protect against, is someone using some kind of autobot constantly submitting until the password checks out. The best way to do this is to enforce strict passwords on your site. Require a combination of letters, numbers and symbols, and have a minimum length of 6 or so characters. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.