Quote:
Originally Posted by EscortBiz
Ill throw an idea out to you guys that will def help curb password trading.
Im aware of strongbox etc but not everyone uses it and many host on windows boxes etc.
Any 3rd party biller you use and obviously when you use your own merchant account you get postback data, customer name etc.
When someone logs in to your members ares show a link that displays their signup info, name address etc. I doubt people will go around posting their user and pass knowing that everyone who logs in can see their "original" info they gave when joining, and we all know how for some reason when joining porn people give their real info even if their email is a .mil or .edu (same people would use BS info if they where joining to view nytimes online)
|
most passwords are hacked or compromised from other htpassword files and brute forced and tried on all sites, not posted by the real member
the best way to curb unauthorized user/passes is to of course use proxypass or strongbox, but most importantly don't let the member choose his own password, let the script generate it.