• Home
  • New Entries
  • Popular Entries
  • Submit a Story
  • About

AJAX Login System using XMLHttpRequest ...

This is an example of a login system that does not require page refreshes, but is still very secure. Valid usernames and passwords for this demo are user1/pass1 and user2/pass2. Try these, and also incorrect passwords to see the results.

Advantages

  • User does not need to refresh the page to login.
  • User is notified instantly on incorrect username/password combination.
  • Overall user experience is more seamless.
  • Password is not sent in plain text ever (more secure than traditional system).
  • Javascript convenience with server-side security (uses PHP/MySQL).
  • Uses one-time use random seed to hash the password before sending (making interceptions useless).

Disadvantages

  • System is more prone to brute force attacks.
    • Can be minimized by adding a delay after a certain number of attempts per username or per client.
  • User may expect a login button.
    • One could still be added without reloading the page.
  • Older versions of Safari cannot disable a password field.
  • This code uses the MD5 encryption algorithm, which has since been proven to be less secure than previously thought. If you use this code, I strongly recommend you switch to a more secure encryption algorithm, such as SHA-1. For sites were security is not crucial, MD5 should suffice.

 Original Source:
http://www.jamesdam.com/ajax_login/login.html#login

AddThis Social Bookmark Button

Posted at 11:17:19 pm | Permalink | Posted in Tutorials  Javascript  

Related Stuff

  • MooV: Using cutting edge Video phones and Software Video Phones - coupling all that with VoIP and empowering the disabled.

  • Moo Telecom: VoIP communications made easy - Ring anyway with the fun and ease of using a normal phone

  • TagR:Mobile Social Network with Real Time Locations Based services, and Ambience Intelligence, VoiP, IM, Skype, Googletalk, Mapping, Flickr, Events, Calendaring, Scheduling, SecondLife Support

  • ClearSMS : ClearSMS is a Web-based application that lets you send bulk SMS messages to your customers, contacts, or just about anyone.

  • Jajah:jah is a VoIP (Voice over IP) provider, founded by Austrians Roman Scharf and Daniel Mattes in 2005[1]. The Jajah headquarters are located in Mountain View, CA, USA, and Luxembourg. Jajah maintains a development centre in Israel.

  • Skype: It’s free to download and free to call other people on Skype. Skype the number one voice over ip software

  • PrivatePhone: a free local phone number with voicemail and messages you can check online or from any phone.

Top Stuff

MessengerFX

e-messenger

ILoveIM

Top 20 Ruby CMS

MSN Web Messenger

eBuddy



About Ajaxlines

Ajaxlines is a project focused on providing its audience with a database of most of Ajax related articles, resources, tutorials and services from around the world.

Its purpose is to showcase the power of Ajax and to act as a portal to the Ajax development community.


Search


Topics

  • .Net (164)
  • Ajax (83)
  • Ajax Games (10)
  • Articles (95)
  • Bookmarking (35)
  • Calendar (20)
  • Chat (45)
  • ColdFusion (3)
  • CSS (75)
  • Email (23)
  • Facebook (83)
  • Flash (19)
  • Google (54)
  • Html (27)
  • Image (11)
  • International Calls & VOIP (7)
  • Java (54)
  • Javascript (266)
  • jQuery (159)
  • JSON (61)
  • Perl (2)
  • PHP (156)
  • Presentation (19)
  • Python (3)
  • Resources (2)
  • RSS (8)
  • Ruby (31)
  • Storage (4)
  • Toolkits (103)
  • Tutorials (217)
  • UI (11)
  • Utilities (174)
  • Web2.0 (18)
  • XmlHttpRequest (28)
  • YUI (12)

© 2006 www.ajaxlines.com. All Rights Reserved. Powered by IRange