close ad
WARNING PC USERS: Do Not Install the DREAMWEAVER CC 2017 Update »
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

rating

Remember Me on this Web SIte

Thread began 7/01/2009 3:58 pm by ccooper309155 | Last modified 8/10/2009 10:56 am by biesheuvel378713 | 3034 views | 7 replies |

ccooper309155

Remember Me on this Web SIte

It's a pain to have to look up my pwd all the time.

What's more the site, won't even let IE remember my username.

Not good.

Sign in to reply to this post

biesheuvel378713

using cookies an safety

Well you can always write a cookie which remembers the username and password, but by doing so there are some safety issues you should consider....

You simply can not expect that a user always visit your site from behind his own computer, neither can you expect that a user is the only user on that particular machine.

Leaving cookies with the password, even encrypted is generally a bad idea. Also, permitting the browser to remember the password is also dangerous and it could seriously compremise the safety of your site.

Why? Well take a look around on the internet, lots of software to crack (even encrypted) cookies etc. etc. So if you have a cookie tool beware that nothing is safe. Leaving the option open that a browser can remember passwords could be easy for the user, but you can't expect that every user of your site is aware of safety issues.... As a web designer you are responsible for that safety issues, protecting peoples privacy and money in case you have a webshop etc.

Geetings,

Sign in to reply to this post

golegup359373

There is a method, maybe (but not available yet from WA)

Could the system identify the returning user's IP address? Since IP addresses are unique, Once authenticated, the system could allow a user to login automatically by associating that user's login (stored via a cookie) with an IP Address (made evident via a JavaScript call?). Just a theory - not sure if this is practical or even a valid solution.

Sign in to reply to this post

biesheuvel378713

Theoretically this is possible by checking the requestheader. But it might not always work. The information may not always be meaningful due to network address translation (NAT). Depending on how clients connect to the internet, multiple clients may share the same IP address (that of a gateway computer). The IP address may also change over the course of several request. (This can strongly relate to the provider system or maintenance etc. etc.)

But it also does not eleminate the problem that you can't know if the machine isn't used by other persons.


Using cookies requires a certain strateqy. For instance, if you run a webshop, you can make it possible that a user is verified by a cookie and, have some special settings loaded, can look at his wishlist etc. etc. But when the user makes a request to change his profile, wants to make a transaction etc. etc. he or she must always use his password. This is a compremise you make between a user friendly website and a safe website. You keep sensitive data protected with a password protocol while less sensitive data/settings are automatically implied through the use of cookies.

Sign in to reply to this post

ccooper309155

blah blah blah. this is WebAssist not Fort Knox.

Even my bank accounts are easier to work with then this site.

Sign in to reply to this post

tom250037Beta Tester

This issue has actually been covered in other posts. Webassist takes credit cards online, and thus has to be PCI compliant. Their merchant bank not only requires pci compliance, but many have stiffer security requirements to keep their merchant rates low.

As for being more difficult than your bank, perhaps they are behind the times a bit. Many banks, when entering a password require you to recognize an image, or logo as belonging to your accoung, and click in your password on a randomly changing keypad (ie keys that change position each time you reload the page) to prevent keyloggers from capturing your password.

While I agree it is a hassle to have to type in my password each time I visit, it seems a small price to pay for the added secutity.

Tom

Sign in to reply to this post

David StringerBeta Tester

Originally Said By: tom250037
  While I agree it is a hassle to have to type in my password each time I visit, it seems a small price to pay for the added secutity.
Tom  



I suppose I'm getting idle in my old age, I use Roboform Password Manager to login - one click and 'bingo', I'm into WebAssist and the forum!!

Sign in to reply to this post

biesheuvel378713

Originally Said By: ccooper309155
  blah blah blah. this is WebAssist not Fort Knox.

Even my bank accounts are easier to work with then this site.  



Excuse me for for putting up a long story but most people are not aware of safety issues considering internet and making payments. And also excuse me for trying to share some experience on a developer website where people are building web shops etc. If I would go to a customer and say "this is all blah blah blah" our team would be out of business.

Internet fraud is the biggest enemy of commercial sites, if your protection fails and customers get ripped your out of business.

One good advice, go to another bank or keep your money in a safe ;)

Sign in to reply to this post

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...