I'm hoping this was the right StackExchange to post in as it's not programming related. Apologies if not.
If I have a user system, be it thin client, web app, software and I have 2 users, Billy and John. Billy and John have the same password out of coincidence, pass1234 but different emails thus:
[email protected] - pass1234
[email protected] - pass1234
If Billy was to accidentally type John's email and log in, then surely he can log in as him, as out of pure coincidence they have the same password.
Are there any programming/system/admin mechanisms to prevent something like this? As what is to stop someone using a fixed password "Passw0rd" and then cycling through thousands of different emails until they get a hit. (excluding the use of captchas)
I'm thinking of something like password + random salt derived from the username, or hash the password with the username etc, before verifying at the database level.
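The two cases raised in the question, as an added example that is not part of the original post: per-user random salts combined with a cap on failed logins per source. The `LoginService` class, the addresses, the source labels and the limits are all constructed for illustration. It shows that salting only makes the two stored hashes differ (the shared password still opens either account), while the failure cap is what stops one client trying a fixed password across many addresses.

```python
import hashlib, hmac, os
from collections import defaultdict, deque

MAX_FAILS, WINDOW = 5, 300.0            # assumed policy: 5 failures per source per 5 minutes
DUMMY = (b"\0" * 16, b"\0" * 32)        # used for unknown addresses so they cost the same work

def hash_password(password, salt):
    # Slow salted hash; the iteration count is an illustrative value.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class LoginService:                      # hypothetical service, not from the post
    def __init__(self):
        self.users = {}                  # email -> (salt, hash)
        self.failures = defaultdict(deque)   # source -> times of recent failures

    def register(self, email, password):
        salt = os.urandom(16)            # random per-user salt
        self.users[email] = (salt, hash_password(password, salt))

    def login(self, source, email, password, now):
        recent = self.failures[source]
        while recent and now - recent[0] > WINDOW:
            recent.popleft()             # forget failures older than the window
        if len(recent) >= MAX_FAILS:
            return "throttled"           # refuse before checking any password
        salt, stored = self.users.get(email, DUMMY)
        match = hmac.compare_digest(hash_password(password, salt), stored)
        if match and email in self.users:
            return "ok"
        recent.append(now)
        return "denied"

def demo():
    svc = LoginService()
    svc.register("billy@example.test", "pass1234")   # constructed accounts
    svc.register("john@example.test", "pass1234")
    same_hash = svc.users["billy@example.test"][1] == svc.users["john@example.test"][1]
    # Billy mistypes John's address: the password is valid for John, so this succeeds.
    mistyped = svc.login("billy-pc", "john@example.test", "pass1234", now=0)
    # One source tries a fixed password against many addresses, one per second.
    spray = [svc.login("one-source", f"user{i}@example.test", "Passw0rd", now=i)
             for i in range(8)]
    return same_hash, mistyped, spray

if __name__ == "__main__":
    print(demo())
```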
Author: استخدام کار
Date: Wednesday, 6 Mordad 1395, 16:25