30-03-2019, 06:28 AM
Iain
The password field is there to stop others from signing in under a registered callsign to enter a chat session and impersonate someone else. Nothing more, nothing less. Please note that I defined a "registered callsign" on purpose.
Note that you weren't asked enter the password twice because you can actually read on screen (and hopefully remember) what you typed as a password. I haven't heard a convincing reason to change to a password input mode field even though it would be 30 seconds work.
The storage of the username and password data is in a secure part of the webserver so no one but me can access it. Only 3 items of info are stored : callsign / username, password and registration IP address. That's it. Not even a date or time marker of when you register.
There shouldn't be anything typed in a chat session that can't be viewed by a limited public (ie other AR operators) so super high security is not really mandatory and no one else can see what you type as a password unless they are looking over your shoulder.
There is no password reset facility except manually by me - hence the simplicity.
The chat software in an entirely different package from the forum and just runs in different folders on the same web server - no other interaction is involved.
OK ?
Doug, admin
The password field is there to stop others from signing in under a registered callsign to enter a chat session and impersonate someone else. Nothing more, nothing less. Please note that I defined a "registered callsign" on purpose.
Note that you weren't asked enter the password twice because you can actually read on screen (and hopefully remember) what you typed as a password. I haven't heard a convincing reason to change to a password input mode field even though it would be 30 seconds work.
The storage of the username and password data is in a secure part of the webserver so no one but me can access it. Only 3 items of info are stored : callsign / username, password and registration IP address. That's it. Not even a date or time marker of when you register.
There shouldn't be anything typed in a chat session that can't be viewed by a limited public (ie other AR operators) so super high security is not really mandatory and no one else can see what you type as a password unless they are looking over your shoulder.
There is no password reset facility except manually by me - hence the simplicity.
The chat software in an entirely different package from the forum and just runs in different folders on the same web server - no other interaction is involved.
OK ?
Doug, admin
Doug VK4ADC @ QG62LG51
http://www.vk4adc.com
This Forum is only going to be as interesting as the posts it contains.
If you have a comment or question, post it as it may trigger or answer the query in someone else's mind.
http://www.vk4adc.com
This Forum is only going to be as interesting as the posts it contains.
If you have a comment or question, post it as it may trigger or answer the query in someone else's mind.