- From: Nick Kew <nick@webthing.com>
- Date: Tue, 22 Apr 2003 18:48:57 +0100 (BST)
- To: Pablo Enríquez <lurgee92@yahoo.es>
- cc: w3c-wai-ig@w3.org
On Tue, 22 Apr 2003, Pablo Enríquez wrote: > I´m working in a web application which allows user > registering, login and logout. I´m looking for a > secure way for the register process, avoiding massive > automatic registers via software. You can't stop automated mass registrations. All you can reasonably do is make it sufficiently complex to deter likely attackers. Probably the simplest solution is to generate an email message containing a unique, automatically-generated registration key as part of the registration process. Anyone wanting to automate that will have to parse your email, so if it happens you can up the ante by adjusting - or randomising - the format of the mail. So long as your email is easy for a *human* to read, you're accessible. -- Nick Kew In need of paying work - http://www.webthing.com/~nick/cv.html
Received on Tuesday, 22 April 2003 13:49:12 UTC