PHWinfo - Afficher un message - HTTP Authentication in PHP -- limit retries?

16/10/2007, 03h10

Tom wrote:
> On Sun, 14 Oct 2007 06:08:39 -0700, David Hennessy wrote...
>> Hi! Is there any way to limit the number of retries when using HTTP
>> authentication in PHP?
>>
>
> I've seen lots of sites more to web forms instead of the usual pop-up gray login
> boxes that are normally used with HTTP authentication. IF you tried using that
> method you can probably keep track of IP address information and setup
> restrictions after so many retries.

That makes sense. Do you think it would be safe to say that HTTP
authentication is insecure, since it permits infinite retries?

--
Namaste,
David

16/10/2007, 03h10	#4
David Hennessy Messages: n/a Hébergeur:	Re: HTTP Authentication in PHP -- limit retries? Tom wrote: > On Sun, 14 Oct 2007 06:08:39 -0700, David Hennessy wrote... >> Hi! Is there any way to limit the number of retries when using HTTP >> authentication in PHP? >> > > I've seen lots of sites more to web forms instead of the usual pop-up gray login > boxes that are normally used with HTTP authentication. IF you tried using that > method you can probably keep track of IP address information and setup > restrictions after so many retries. That makes sense. Do you think it would be safe to say that HTTP authentication is insecure, since it permits infinite retries? -- Namaste, David