Thanks for asking!
Yes, it's possible to authenticate users beyond the simple
username/password scheme. It's also possible to detect a certain
degree of password sharing. I'll outline the usual methods, and
provide links to further information.
USER AUTHENTICATION VIA SCRIPTS
*******************************
Beyond username and password access scripts, more powerful Membership
Managers may be employed to manage the .htaccess .htpassword and
.htgroups files, or to create a separate V3 member/password scheme
which bypasses those files and offers customized features for
integration into payment systems, page access, and enhanced user
authentication. In the simplest form, cookies or other security
constructs are placed to facilitate more robust query of site users.
I've listed several sources of ready to install scripts. Also, study
of the source will give you an idea of the complexity of this area,
and help you decide if you wish to incorporate such a script or write
your own.
Perl Scripts
************
Master Members Only - Willmaster
I have to confess a fondness for Willmaster scripts. I've installed
and used a number of them, including Master Members Only, and found
the quality to be excellent. They interface easily into larger
applications. They come with complete instructions, install with
minimum fuss (or the principles will install them for you, at no
charge), and do everything they claim to do.
Willmaster - Master Members Only
http://willmaster.com/master/membersonly/
Password Protection/Membership Script Listings
FreePERL - Password/Membership Scripts
http://www.freeperl.com/directory/Password_Protection/Memebership/
Script Search - User Authentication
http://www.scriptsearch.com/Perl/Scripts_and_Programs/User_Authentication/
PHP Scripts/Modules
*******************
Internet.com ScriptSearch
Security Systems - PHP
http://www.scriptsearch.com/PHP/Scripts_and_Programs/Security_Systems/
USER AUTHENTICATION VIA SOFTWARE OR DIGITAL CERTIFICATES
********************************************************
These applications offer more powerful user identification schemes
through the use of software or digital certificates. A small module
may be installed on the customer's computer system, and used to
positively identify each user. I've included several links, more can
be located easily by using the linked search.
DreamAccount
http://dreamcost.com/
From the home page, select the DreamAccount link.
SonicWall User Authentication
http://www.ssimail.com/Authenticate.htm
REMOTELY HOSTED USER AUTHENTICATION
***********************************
User Authentication is also offered via these remotely hosted
services.
ZapCertify is a web-based Credential Information System
Cyzap ZapCertify
http://www.zapcertify.com/benefits/
FURTHER STUDY
*************
Web Applications: Securing Access to Your Pages, By Edward Mason (ASP)
http://www.15seconds.com/issue/000413.htm
User Authentication
http://www.4guysfromrolla.com/webtech/LearnMore/Authentication.asp
Unix User Authentication HOW-TO
http://www.tldp.org/HOWTO/User-Authentication-HOWTO/
HotScripts
User Authentication Tutorials PHP
http://www.hotscripts.com/PHP/Tips_and_Tutorials/User_Authentication/
HotScripts
User Authentication Tutorials Perl
http://www.hotscripts.com/Perl/Tips_and_Tutorials/User_Authentication/
If you're working in a different language,or on a different platform,
use the search term phrase shown here, and add your language or
platform search term(s) to the end of the search string.
"user authentication" +how-to OR tutorials
********************
Google Search terms:
PHP scripts security OR "password management" OR "membership"
Perl scripts security OR "password management" OR "membership"
"user authentication" +how-to OR tutorials
"membership management" remotely hosted
"membership management" software
"membership management" "digital certificate"
Should you have any questions about the information or links offered,
please feel free to ask.
larre-ga |