Klez Posted November 23, 2005 Report Share Posted November 23, 2005 Firefox .. Mani intrese vai ir iespējams no servera puses neatljaut izmantot pasword manageri. Jo uz draugiem.lv un one.lv nestrādā pasword manageris .. :( Link to comment Share on other sites More sharing options...
Kristabs Posted November 23, 2005 Report Share Posted November 23, 2005 maini laukauma name veertiibas, gjeneree vinjas unikaalaas dinamiski Link to comment Share on other sites More sharing options...
bubu Posted November 23, 2005 Report Share Posted November 23, 2005 Tā u gan nevajag darīt, Kristabs. Viltus drošības izjūtu tikai dos. Reāli, ta visas paroles tāpat saglabāsies. Drīzāk vajag ar JS pirms submitošanas attīrīt password lauciņu, un kautkā viltīgāk mēģināt nosūtīt to infu. Link to comment Share on other sites More sharing options...
Delfins Posted November 23, 2005 Report Share Posted November 23, 2005 (edited) aha, es zinu vienu korporatīvā tīkla produktu, kuram passwords kopējās uz hidden un lauciņš aizvietojās ar penteri... nedomāju, ka kāds pašreizējais passw-manageris to atkostu... PS: psw kopēšanas uz hidden lauku jānotiek uz onkeyup() eventa... tas ir vienīgais drošais piegājiens... Edited November 23, 2005 by Delfins Link to comment Share on other sites More sharing options...
Grey_Wolf Posted November 23, 2005 Report Share Posted November 23, 2005 (edited) paskatijos kaa ir draugiem ------- <META HTTP-EQUIV="Expires" CONTENT="0"> <META HTTP-EQUIV="Pragma" CONTENT="no-cache"> <META HTTP-EQUIV="Cache-Control" CONTENT="no-cache"> ---------- un vinji arii dinamiski maina nosaukumu: <input type="password" name="42e51aec6b" size= --------------- P.S. manupraat vieniigi var meegjinaat ar JS on change...... realii apstraadaat to pasvordu ar kaadu JS skriptu kuram noteikti elementi dinamiski mainaas....... un uz servera kodeet atpakalj.... jo saglabaa vinsh tikai tad kad tiek forma nosuutiita.. edit: seviskji 'muhljiit' nav lielas jeegas, jo tas kas tiek klaat sisteemai var uzlikt kaadu klavieres sniferi..... un liidz ar to viss buus veejaa........ Edited November 23, 2005 by Grey_Wolf Link to comment Share on other sites More sharing options...
Klez Posted November 23, 2005 Author Report Share Posted November 23, 2005 viens variants ir ar JS uzmeikot base64 un suutiit serverim to base 64, mok ar JS var md5 uzmukljiit ? nezinu ... Link to comment Share on other sites More sharing options...
bubu Posted November 23, 2005 Report Share Posted November 23, 2005 Kāds tolks base64 meikot? ja jau tu tāpat var atkodēt? Link to comment Share on other sites More sharing options...
Delfins Posted November 23, 2005 Report Share Posted November 23, 2005 Nu tad jau AJAX + HTTPS + JS + ImageValidation Link to comment Share on other sites More sharing options...
Klez Posted November 23, 2005 Author Report Share Posted November 23, 2005 lietojam SSL :) Link to comment Share on other sites More sharing options...
bubu Posted November 23, 2005 Report Share Posted November 23, 2005 (edited) Un kā SSL atrisinās passwordu nesaglabāšanu klienta datorā? Edited November 23, 2005 by bubu Link to comment Share on other sites More sharing options...
Klez Posted November 23, 2005 Author Report Share Posted November 23, 2005 (edited) genereejam paroles laukam kkaadu random name, un paroli paarsuutam ar SSL paliidziibu :) Edited November 23, 2005 by Klez Link to comment Share on other sites More sharing options...
bubu Posted November 23, 2005 Report Share Posted November 23, 2005 Jautājums paliek spēkā - kā tas atrisinās paroles saglabāšanās problēmu? Link to comment Share on other sites More sharing options...
Klez Posted November 23, 2005 Author Report Share Posted November 23, 2005 nu jautaajums jau bija kaa var uztaisiit, lai password manageri "neatceras" paroli... Link to comment Share on other sites More sharing options...
bubu Posted November 23, 2005 Report Share Posted November 23, 2005 Un vai tad SSL+random name liks neatcerēties paroli?? Link to comment Share on other sites More sharing options...
Grey_Wolf Posted November 23, 2005 Report Share Posted November 23, 2005 nu var tachu dariit taa izmantojam nevis password bet parastu text lauku un ar onchange parsutam uz f-ju kas simbolus saglabaa hiden laukaa (pie tam ar JS uzgenereetaa) , bet text laukaa uzziimee * i - neviens password manegeris nevarees to atkost :) Link to comment Share on other sites More sharing options...
Recommended Posts