NamePros
Welcome, Guest! Ready to make a name for yourself in the domain business? We welcome both the hobbyist and professional domainer to join the discussion as part of the NamePros community.

Click here to create your profile to start earning reputation for posting, and trader ratings for buying & selling in our free e-marketplace. Build your trader rating with each successful sale. Our system has tracked over 100,000 sales and counting!
FAQ & TOS Register Search Today's Posts Mark Forums Read

Go Back   NamePros.com > Website Development Discussion Forums > Programming > CODE
Reload this Page Form security script

CODE This forum is for posting code snippets and example scripts that aren't quite tutorials, but could be useful for others. You may post code snippets and/or completed scripts that you've written and want to share here.

Advanced Search


Closed Thread
 
LinkBack Thread Tools
Old 01-09-2008, 02:26 AM THREAD STARTER               #1 (permalink)
NamePros Member
Join Date: Jun 2005
Location: New Zealand
Posts: 95
music_man is on a distinguished road
 

Form security script

Hi,

This is an onscreen keyboard written in js to help against keyloggers.

http://williamparry.com/scripts/formSecurity/index.html

Feedback appreciated.

Cheers
__________________
Self-service
My homepage
music_man is offline  
Old 01-09-2008, 05:20 AM   #2 (permalink)
Account Closed
 
DeViAnThans3's Avatar
Join Date: Apr 2006
Location: Belgium
Posts: 442
DeViAnThans3 is a name known to allDeViAnThans3 is a name known to allDeViAnThans3 is a name known to allDeViAnThans3 is a name known to allDeViAnThans3 is a name known to allDeViAnThans3 is a name known to all
 
Looks nice! For sites which require or want a high security, this could be quite suitable!

What I'ld do additionally, is making sure that people can't type anything in there (onkeypress javascript). Or are at least warned that they should use the onscreen keyboard for their own safety.

Note though that this form of security only can handle keyloggers. Network sniffers will still find the information very easily.
DeViAnThans3 is offline  
Old 01-09-2008, 09:10 AM   #3 (permalink)
If only you knew...
 
maximum's Avatar
Join Date: Oct 2005
Location: Inside your head...
Posts: 998
maximum has a reputation beyond reputemaximum has a reputation beyond reputemaximum has a reputation beyond reputemaximum has a reputation beyond reputemaximum has a reputation beyond reputemaximum has a reputation beyond reputemaximum has a reputation beyond reputemaximum has a reputation beyond reputemaximum has a reputation beyond reputemaximum has a reputation beyond reputemaximum has a reputation beyond repute
 


Child Abuse Special Olympics Save a Life Baby Health Autism
William, thanks for sharing. Nice idea
Originally Posted by DeViAnThans3
....
What I'ld do additionally, is making sure that people can't type anything in there (onkeypress javascript). Or are at least warned that they should use the onscreen keyboard for their own safety. ....
Good idea to add this, IMHO.
Originally Posted by DeViAnThans3
Looks nice! For sites which require or want a high security, this could be quite suitable!
????: NamePros.com http://www.namepros.com/code/416047-form-security-script.html
....
Note though that this form of security only can handle keyloggers. Network sniffers will still find the information very easily.
Wouldn't such be smart to be using SSL, etc., as part of the site's overall "high" security?
__________________
--- The greatest truths ever told, and the greatest lies ever told, all consist of exactly the same three words:
"I LOVE YOU"
--- The best say little, only say what is important.....then they shut up and sit down.
maximum is offline  
Old 01-09-2008, 12:58 PM   #4 (permalink)
NamePros Member
Join Date: Jan 2008
Posts: 138
gamescoper is an unknown quantity at this point
 
great script brilliant idea for online banking as well and if you can set it that the user cannot change the security level even better
gamescoper is offline  
Old 01-09-2008, 12:59 PM THREAD STARTER               #5 (permalink)
NamePros Member
Join Date: Jun 2005
Location: New Zealand
Posts: 95
music_man is on a distinguished road
 
Thanks for the feedback!

Your right that it doesn't prevent network sniffing, but as maximum said, SSL should cover that (and SSL encryption is better than any JS encryption).

gamescoper - it was originally designed to have the security setting set only by webmaster but I thought that if the user wants something easier to use (but less secure) then they can set it themselves.

Perhaps I should add a variable in the embed script that states whether the user can set their own security?

Cheers

William
__________________
Self-service
My homepage
music_man is offline  
Old 01-09-2008, 08:33 PM   #6 (permalink)
i love automation
 
xrvel's Avatar
Join Date: Nov 2007
Location: xrvel.com
Posts: 1,620
xrvel has a brilliant futurexrvel has a brilliant futurexrvel has a brilliant futurexrvel has a brilliant futurexrvel has a brilliant futurexrvel has a brilliant futurexrvel has a brilliant futurexrvel has a brilliant futurexrvel has a brilliant futurexrvel has a brilliant futurexrvel has a brilliant future
 
Nice script.
I tried to resize my browser and the 'keypad window' still on the top right part of my browser

Kurniawan.
__________________
xrvel is offline  
Closed Thread

« Free File Hosting V1.1 | Please Read Before Posting »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


Liquid Web Smart Servers  
All times are GMT -7. The time now is 09:07 AM.

Contact Us - NamePros.com - Privacy Statement - Top
Managed Web Hosting by Liquid Web
Domain name forum recommended by Domaining.com Powered by: vBulletin® Copyright ©2000 - 2012, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.6.0 Ad Management plugin by RedTyger