This is an example of a login system that does not require page refreshes, but is still very secure. Valid usernames and passwords for this demo are user1/pass1 and user2/pass2. Try these, and also incorrect passwords to see the results.
Advantages
- User does not need to refresh the page to login.
- User is notified instantly on incorrect username/password combination.
- Overall user experience is more seamless.
- Password is not sent in plain text ever (more secure than traditional system).
- Javascript convenience with server-side security (uses PHP/MySQL).
- Uses one-time use random seed to hash the password before sending (making interceptions useless).
Disadvantages
- System is more prone to brute force attacks.
- Can be minimized by adding a delay after a certain number of attempts per username or per client.
- User may expect a login button.
- One could still be added without reloading the page.
- Older versions of Safari cannot disable a password field.
- This code uses the MD5 encryption algorithm, which has since been proven to be less secure than previously thought. If you use this code, I strongly recommend you switch to a more secure encryption algorithm, such as SHA-1. For sites were security is not crucial, MD5 should suffice.
Related Stuff
-
MooV: Using cutting edge Video phones and Software Video Phones - coupling all that with VoIP and empowering the disabled.
-
Moo Telecom: VoIP communications made easy - Ring anyway with the fun and ease of using a normal phone
-
TagR:Mobile Social Network with Real Time Locations Based services, and Ambience Intelligence, VoiP, IM, Skype, Googletalk, Mapping, Flickr, Events, Calendaring, Scheduling, SecondLife Support
-
ClearSMS : ClearSMS is a Web-based application that lets you send bulk SMS messages to your customers, contacts, or just about anyone.
-
Jajah:jah is a VoIP (Voice over IP) provider, founded by Austrians Roman Scharf and Daniel Mattes in 2005[1]. The Jajah headquarters are located in Mountain View, CA, USA, and Luxembourg. Jajah maintains a development centre in Israel.
-
Skype: It’s free to download and free to call other people on Skype. Skype the number one voice over ip software
- PrivatePhone: a free local phone number with voicemail and messages you can check online or from any phone.
7 Comments |Add your comment.
Adrian Pike said:MD5 is pretty weak, just FYI. Id suggest using SHA for now.
user3 said:Hi
Sindy said:why do I have to do this?
ann said:Hi, checking out this cool ajax sample
AjaX said:AjaX Rame-Rame
user2 said:hello
user1 said:testing
Your Comment ...
Name (required)
Email (required, hidden)
Website