Diffstat (limited to 'TODOS')
-rw-r--r-- | TODOS | 7 |
1 files changed, 7 insertions, 0 deletions
@@ -1,3 +1,10 @@ - hash the password, with salt (currently it's plain text which is a no go!) +- make the login mechanism more robust: + - http://www.devarticles.com/c/a/JavaScript/Building-a-CHAP-Login-System-Encrypting-Data-in-the-Client/2/ + - have a CHAP per default (working also over HTTP) + - If there is no Javascript, allow the "plain over HTTPS" fallback - check timeout when verifying the registration code of a user +- database model for a simple CMS + - http://www.techrepublic.com/article/two-ways-to-design-a-database-for-a-net-based-cms/ + |
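Review bot: The added item "have a CHAP per default (working also over HTTP)" conflicts with the existing first item, "hash the password, with salt". In a challenge-response login the server has to compute the expected response from the value it stores. With salted hashes in the database, the stored hash itself becomes the login secret (the client must derive it from the password and the salt, then answer the challenge with it), so a leaked user table is enough to log in without cracking anything. The TODO should say how the two items are meant to fit together. The HTTP case also deserves a caveat in the list: over plain HTTP the login page and its JavaScript can be modified in transit and the session that follows is unprotected, so CHAP only keeps the password itself off the wire. Since the fallback item already assumes HTTPS is available ("plain over HTTPS"), consider making HTTPS the default for every login and treating CHAP as an optional extra rather than the primary mechanism.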