[drupal-devel] Securing Login: MD5 password hashing using javascript

Pat Collins pat at linuxcolumbus.com
Tue Nov 8 17:50:35 UTC 2005

On Tue, 8 Nov 2005 19:45:53 +0200, Adrian Rossouw <adrian at bryght.com> wrote :

> > True, but not everybody can use ssl/tls.  What about some kind of
> > authentication checking where the site would keep track of where  
> > you have
> > logged in from and upon detection of a change would prompt you with a
> > question that only you would know or send you an email that you  
> > would have
> > to respond to before you could gain access?
> Like certain ISP's that change the ip of the user with ever request ?
> 'where you have logged in from' is mostly impossible to determine.

They may change their IP, but that IP can be tied to who owns that block.


More information about the development mailing list