Subject:*
<
Name/Email:*
<
Message Icon:*
<
Select*
<
Message:*
<



Click the Preview to see the content in action.
Options:*
<
Confirmation Code*
<
0 + 6 = ?  
Input the result from the expression
Maximum attempts you can try: 10
*
<
     

Re: Any recent profile module with captcha option for logins?
by redheadedrod on 2013/4/2 20:06:54

It IS in my plans to totally redo Profile from scratch soon. I will revive a past thread when I am close to working on it so I can develop a list of desired features. So when I do revive that thread please make sure to list this as a request. (Shooting for July assuming my other projects are done before then. )

Re: Any recent profile module with captcha option for logins?
by xoobaru on 2013/4/2 15:45:19

I think my sites users can all be thankful that someone had too much composition time on their hands that day.

In a more serious vein, although remember me it is still allowed on the site for sake of convenience, I do not believe that it is in the users best security interest to do so. Maybe I am wrong here.

If it is in yours or anyones plans to delve deeper into profile mods, one ergonomic (user friendliness) idea presented itself recently, to allow the user to select his/her preferred home page module from their profile. On a site with multiple services such as a forum, blog, social network, there will be users whose anchor to the site is a particular service they like to use. Such a feature would allow them to log immediately into the service of their interest, rather than have it determined universally by admin in the system prefs, or a home summary block page that none of my users seem to care about.
Re: Any recent profile module with captcha option for logins?
by redheadedrod on 2013/4/2 7:48:00

Too funny about the 4-1 posting...

I do have some ideas to try keeping Profile interesting for those wanting to keep the bots out. Have mentioned them before. Such as randomizing fields. Randomizing the login boxes with generic names and scrambling the HTML around on them on its own would make life more difficult for a bot. Would also make browsers remembering passwords not work either but it is hard to keep it both ways.

Just some of the cool things I will be working on with a new profile system.
Re: Any recent profile module with captcha option for logins?
by xoobaru on 2013/4/1 18:04:24

Quote:

chefry wrote:
That would be my first and LAST visit to your website. What a pain in the A$$.
A capcha screen at every login is not necessary


We heard your concerns.

Press Release -A Nearly Perfect Remote Authentication Strategy For Our XOOPS Site Users.

Announcing the development of the perfect spam proof and identity theft strategy to replace the need for a second captcha for our social network users. Shortly all of our users will be receiving a novel new device that looks like a retractable usb style thumb drive, but is a nearly foolproof authenticaton device.

Essentially the device captures users DNA courtesy a small needle that exits the rear of the housing as the usb drive is retracted. Yes, a user simply inserts the needle to a depth of about 10 millimeters (under or behind the ear is appropriate) and a small motor begins to agitate.


When a three beep sequence is heard about fifteen seconds later, the device signals it has collected and analyzed the users DNA signature, locked in the GPS coordinates, and time/date stamped the data. The device is now safe to extract. The usb drive can now be extended, retracting the needle back into its U/V diode sterilization chamber, where it is sanitized for its next use.

Upon insertion of the device into the USB socket of a web connected machine, the device gathers and appends additional data about the machine, then encrypts the entire data packet and transmits it to the security server.

Resized Image


It is so simple to use a child can register his entire family while they sleep in just minutes (one device needed per family member).

The security server acknowledges receipt of the packet and securely wipes the packet from the remote device. The user is then logged into his account. This means the packet cannot be used again. This is a precaution to prevent anyone intercepting the packet and decrypting along the way the ability use it to gain subsequent access.

For security, the server has also disabled the "remember me" option, and users are limited to 60 minute sessions. Since each packet may only be used for one hour of login time, users who need to spend more time online during the day will need to perform multiple such procedures per day (one per log in). This has driven our need to outfit the device with a special needle having a 100,000 poke cycle life. This will be more than enough for a user to log in twelve times per day for twenty years if they need to.

We feel that although users will initially experience resistance, that they will come around. Research has shown that it does not matter if one is addicted to an illicit injectable substance or a website. They will readily endure needles or nearly anything to satisfy their addiction. To address uers cosmetic concerns, a special cream will be made available for purchase on the site that aids rapid healing of the marks, as well as helping to underwrite the costs of the device.

There is NO WAY any spam bot can get past this level of security. But it does not stop here.

Regarding any user(s) identified as having turned against, thereby becoming a threat to either system security or the community, the device can be silently and remotely programmed to operate its next session in the opposite direction (injection mode) if you get our drift. This effectively quells the same user from signing up again with a different IP or username.

This revolutionary new capability is being offered absolutely free to our users, and potential users (such as possibly Chefry quoted above), alleviating them from from the arduous inconvenience of logging in manually especially with a second catptcha. It is the only way we can keep them (and us) TRULY safe. That said, may I just extend my wishes for a very happy and prosperous April Fools! day to all XOOPSers everywhere. FYEO.

Re: Any recent profile module with captcha option for logins?
by xoobaru on 2013/2/2 15:45:18

VPN

Who's Online

155 user(s) are online (115 user(s) are browsing Support Forums)


Members: 0


Guests: 155


more...

Donat-O-Meter

Stats
Goal: $15.00
Due Date: Jul 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $15.00
Make donations with PayPal!

Latest GitHub Commits