That means that a cookie is created on the client machine. ----- Original Message ----- From: "Andy Ousterhout" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Friday, December 13, 2002 7:56 AM Subject: Session Variables (was Login/Password screen)
> What do you mean, maintained on the client? > > > -----Original Message----- > From: Jochem van Dieten [mailto:[EMAIL PROTECTED]] > Sent: Friday, December 13, 2002 7:44 AM > To: CF-Talk > Subject: RE: Login/Password screen > > > Quoting Craig Dudley <[EMAIL PROTECTED]>: > > > > Create a session variable, set it to 0, and after every failed > > login attempt increment it by 1, if it reaches 3, don't show the login > > screen but a locked out screen instead. After their session times out, > > they will be able to try again however. > > Sessions, although stored on the server, are maintained on the client. > Ergo, insecure. Use an IP address. > > Jochem > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting.
