Question before I do something

[axilant]

Im thinking about creating a php script that you choose from a drop down menu to login to any of the sites.

Heres what it would be used for:

whoisdock.com (my whois search)

I know i hate going to all those websites and looking for the login link/button.

So i want to make a script that will login to godaddy, namecheap, enom, and some of the others. This will just act as a form not actually set the cookie.

But the problem is, will people bash it? Reason why i say this, people would think its a security problem. Anywho please give me your opinion on this. And whether i should do this or not.

 

[ZuraX]

I think it would be a security risk....

 

[Blackpanther]

It really depends on type security and how the site deals with passwords and usernames..

Example: Paypal login form encrypts the data before passing it to their secure server which decrypts it this makes sniffing those details hard as its encrypted at both points because you should have a secure connection to that site But if you pass the information from your form then the information is moving across the internet unencypted before it reaches paypals servers its open to plain text sniffing anywhere on its route.

But as i said it depends on the security used in the first place and also how you think about security.. If xyz.com does not use secure servers and secure connections then there is a real security risk for just login in from xyz.com as your connection isnt encrypted and its not a secure server so the info can be sniffed at any point between you and xyz.com in which case your script would not add any further security risk that dont already exist on xyz.com type sites.

hope it makes some sort of sense.

Let me know if it dont!

 

[axilant]

Yes, it probally would be. So i guess that idea is gone

 

[Blackpanther]

Why dont you just have a script that lists all the sites that you need to login to and when you select the site from the dropdown menu it takes you directly to thier login page...

 

[axilant]

I did think about that... I will make a script that redirects though, so i can have a total of clicks beside the link

 

[Anthony]

If you make one that logs in by passing usernames and passwords in plain text, then the accounts could be compromised.

 

[rajatbohra]

U can encript the URL and try it out.. This way u will be able to do it..

 

[Rob]

I like Blackpanther's idea.

Something for us to select that takes us straight to the login page for each of the websites would be nice, I'd definately use it myself, and where most people use a selection of registrars, I am sure it would be popular.

 

[painperdu]

However you wish to look at it, sensitive information still needs to travel from client to server.

Why not just bookmark the login pages in your browser?

 

[netPH]

for me, i'd rather go for the hrad way rather than staking my infos at risk... someone might do clone of your idea and illegaly use them. NOt a good idea IMO.

 

[axilant]

It was a good idea i had, but its too risky i did make it, but then agian the username fields are differnt for a few sites. I use php's function urlencode. Everything worked. But the downer for me to do this. I use javascript to put the password/username in all the names in hidden fields. Very risky. So im just going to figure something better out. Anyone have any suggestions or something they would find useful? On a whois search site.