Authorize via MySql?

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • Jizar II
    Confirmed User
    • May 2001
    • 1425

    #1

    Authorize via MySql?

    We´re working on a new paysite project and thought about authorizing based on html form+MySql instead of .htaccess.. Is this a better method regarding password crackers ect.?
    Is there any downsides to this method?
  • JFPdude
    Confirmed User
    • Jan 2002
    • 4027

    #2
    Htaccess and mod_auth_mysql works great.

    Just add the Mod_Auth_mysql modules to apache.

    Comment

    • NetRodent
      Confirmed User
      • Jan 2002
      • 3985

      #3
      Authorizing via a database (if it is properly index) is better than .htacess if you have a relatively large number of users. For small user lists, you're probably better off with .htaccess.

      As for trying to defeat password crackers, it doesn't make any difference whether you are checking them against a flat file or a database, assuming your database can handle the load.

      If you're looking to make life more difficult for the password crackers, you might want to look into the Auth::Cookie module. You can modify that in ways that will make it almost impossible to brute force passwords.
      "Every normal man must be tempted, at times, to spit on his hands, hoist the black flag, and begin slitting throats."
      --H.L. Mencken

      Comment

      • Jizar II
        Confirmed User
        • May 2001
        • 1425

        #4
        thank you for the useful info :-)
        Another thing that made me think about the database driven Authorization is that I want to give the monthly members access to sections that are non-available for the trial members..

        Comment

        Working...