Re: Limiting access to a website

Peter,

You might consider having a single login for the whole club, if the data you're hiding is not confidential. This will cut down on your coding time a bit, and you can still use cookies to bypass the login after the first time. I had a successful outcome doing this on a club site before.

Scott

Peter Chant wrote:
I'm considering setting a website up for a club. I do not plan the contents
to be for public consumption, but on the other hand I'm not going to have
anything on there that is confidential, that would cause a problem if it
went further.

The basic reason is for publicity of club events. I want to make it easy to
use. I suspect a login with a password would be too much effort for most
people. I also note that computer literacy is not a skill all of them
have, the sort of people who have not got the computer skills to be
confident to shop on Amazon.

Basically the problem is communication. Some of them read quarterly
newsletters, some of them bin them. I send the occasional email out with a
list of events, but if I do it too often some of them will start ignoring
them. I have found telephoning people individually to be very successful,
but I am not paid to do it and have a life.

However, I need to be proactive rather than take the curl up and die
approach. For those who are keen on the idea a website might help.

I suspect that security through obscurity is just to lax, a url

http://foo.bar/tbntrjvoprnio/index.html

is just pointless.

My plan is as follows:

1. Make them log in using their email address as a username. Email them
their passwords first.

2. For people who have cookies enabled, store a cookie on their computer
identifying them.

3. Use the cookies for future logins. Perhaps change the cookie at the
start of each session. Perhaps make this expire.

Alternatively, or if cookies are off, I could require a code, used for one
session only, to be used for a session. The user would enter their email
address. If it matched a list then the code would be sent to the user via
email and they could use it as a password.

Any thoughts? I do not want to make a special mail shot just to give
everyone passwords by mail. Too much effort and cost for too little
reward.



.

Relevant Pages

  • Re: Limiting access to a website
    ... You might consider having a single login for the whole club, ... I had a successful outcome doing this on a club site before. ... email address as login for first time, ... Cookies for subsequent logins if enabled. ...
    (comp.lang.php)
  • Re: Help trying to login to myspace programatically in vb.net
    ... 'Dim myspacecookies As New Net.CookieContainer ... you should get the login page from a config file. ... Dim response As System.Net.WebResponse = Nothing ... ' You need to capture the cookies at this point and use ...
    (microsoft.public.dotnet.general)
  • Re: login OWA of Exchange 2007 using .NET2003
    ... Actually the objective of my ASP.NET program is to login the FBA page ... then I will implant the cookies returned to the user's browser, ... it seems it has already logined the OWA. ... // implant the cookies returned from exchange server to user's browser ...
    (microsoft.public.exchange.development)
  • Re: HTTPS-Client bringt Fehler beim Wechsel von getIntputStream() auf getOutputStream
    ... d.h. hieße, wenn ich den Login mal durch habe, auch meinen Login? ... Genau aus dem Grund werden ja Dinge wie Cookies oder Werte ... | muss zunächst eine weitere Verbindung aufgebaut werden. ... Nur, wenn die Session an die SSL-Session gebunden ist, was ...
    (de.comp.lang.java)
  • Re: eCS 2.1 and logging into Verizon DSL account
    ... after the login page loaded I noticed it was just using HTTP so I added a S to make it HTTPS in the address field. ... Tried logging in with a bogus name and very quickly that part of the page became blank, ... If I clear the history and cookies, I can return to stage 1 failures. ... Since you're on Verizon you'd think the routing would be fine but you could try doing a tracerte www222.verizon.com. ...
    (comp.os.os2.misc)