Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Suggestions for a Simple Secure Login Script???

3 views
Skip to first unread message

Kirk Immel

unread,
Feb 8, 2001, 2:05:26 PM2/8/01
to
Hi all -

I'm nosing around for a simple secure login script, or asp, that i could use
for accessing my personal web site hosted by NT Server. I'd like the login
script to work in concert with Win NT SAM :)

any suggestions? freeware preferred :)

--
Kirk
Reply Address: ki...@seidcon.com


jaso...@pacbell.net

unread,
Feb 9, 2001, 7:19:25 PM2/9/01
to
My personal suggestion would be to lose NT and go to at least 2000.
The best choice would be a switch to Linux with PHP and Apache web
server. Then use Postgres as a rather large, stable, and free solution
to MS SQL. That would definately secure it.

Jason

On Thu, 8 Feb 2001 11:05:26 -0800, "Kirk Immel" <ki...@seidcon.com>
wrote:

William Hugh Murray

unread,
Feb 18, 2001, 3:46:40 PM2/18/01
to
jaso...@pacbell.net wrote:
>
> My personal suggestion would be to lose NT and go to at least 2000.
> The best choice would be a switch to Linux with PHP and Apache web
> server. Then use Postgres as a rather large, stable, and free solution
> to MS SQL. That would definately secure it.
>

This is your "simple" solution? Change operating system? I cannot
imagine what you would propose if the "simple" requirement went away.

William Hugh Murray

unread,
Feb 18, 2001, 4:14:40 PM2/18/01
to
Kirk Immel wrote:
>
> Hi all -
>
> I'm nosing around for a simple secure login script, or asp, that i could use
> for accessing my personal web site hosted by NT Server. I'd like the login
> script to work in concert with Win NT SAM :)
>
> any suggestions? freeware preferred :)

Over constrained problem. Free and "secure" are mutually exclusive.

I use Password Tracker Deluxe. See:

http://www.clrpc.com/ptd/

It is $25-. For me, it paid for itself in the first day of use but my
time is expensive. There is a trial available and the fee is waived if
you sign up for a credit card.

It is reasonably simple given the task. I have defined 25 applications
to it but have another 70 or 80 that I have not defined. It recognizes
the logon screen for the application and plugs what the script tells it
that the screen expects. I have defined 25 out of a 100 applications to
it including everything that I do more than once a day and most things
that I do daily.

It will generate random passwords for you and put them on the clipboard
so that you can insert them into password change procedures. It prompts
you for permission to do an automatic backup when it thinks that
something may have changed.

It stores its database as an encrypted flat file. The author does not
specify what encryption mechanism he uses. I would not trust it for
more than a long weekend against a skilled cryptanalyst but it would
probably resist most others for weeks or months.

I have used it w/ Win '98 and Win ME. I assume that it runs in any 32
bit windows but cannot find the system requirements.

I am satisfied with its security in my application and environment. I
use other security mechanisms in the environment with it. Neither the
authors nor I will make any representations about its security in your
application and environment. As a professional, I cannot recommend it
for commercial use but I have been known to demonstrate it to clients.

William Hugh Murray, CISSP

0 new messages