What are some suggestions for improving security in the registration process?

  • Suggestion
  • Thread starter cronxeh
  • Start date
In summary, it is recommended to enhance the security of the registration process by implementing the following measures: 1) Monitoring the number of registrations and notifying the admin if it deviates 2 standard deviations from the average, 2) Adding captcha or a verification image, and 3) Checking for anonymous proxies and duplicate IP addresses to prevent multiple registrations. However, there may be limitations with using one IP per registration due to shared networks and ISP recycling of IPs. Additionally, changing field and variable names may also help in preventing automated attacks. The team is actively working on implementing these suggestions to strengthen the registration process.
  • #1
cronxeh
Gold Member
1,007
11
Well in light of recent events, it seems only prudent to add security to registration process, my suggestion are as follows:

1. Check to see if the number of current registrations is 2 standard deviations away from the average for daily number of registrations, and if it is then notify admin by sms email. The average and stdev could be calculated once every 24 hours and stored in the sql database to save computational time and add robustness to the algorithm

2. Add captcha or some sort of nonlinear image for verification purposes

3. Check each registrant's IP for anonymous proxy or whether the IP is a multiple of another registered account and deny any new registration to that IP, add option to delete all newly registered users with the same IP
 
Physics news on Phys.org
  • #2
Thanks for your suggestions cronxeh. We are actively taking steps to strengthen our registration process.
 
  • #3
If you make it one IP per registeration you may run into problems with people using the same networks i.e.. schools. Also isp's sometime recycle ips around.
 
  • #4
I often wonder if just changing names of fields/variables passed through GET/POST won't make most scripts fail. I don't think they always analyze full page code, most likely it is just done once manually.
 

What is "Register.php modification"?

"Register.php modification" refers to making changes or updates to the code of the "Register.php" file, which is responsible for handling user registration on a website.

Why would I need to modify "Register.php"?

There are several reasons why you may need to modify "Register.php", such as customizing the registration process to fit your specific website needs, adding new features, or fixing any bugs or errors.

What are some common modifications made to "Register.php"?

Some common modifications made to "Register.php" include adding additional form fields, implementing email verification, creating a custom registration confirmation page, and integrating with social media platforms for registration.

Do I need to be an expert in coding to modify "Register.php"?

While having coding knowledge can be helpful, it is not necessary to be an expert in coding to modify "Register.php". With some basic understanding of HTML, CSS, and PHP, you can make simple modifications to the file.

How can I ensure that my "Register.php" modifications are secure?

To ensure the security of your "Register.php" modifications, it is important to follow best practices for coding, such as sanitizing user inputs, using prepared statements for database queries, and implementing password encryption.

Similar threads

Anonimity: Time to take the internet back.
    • Computing and Technology
Replies
4
Views
3K
Requesting suggestions for languages, libraries, and architectures for parallel (and sometimes non parallel) numerical and scientific computations
    • Programming and Computer Science
Replies
8
Views
2K

Hot Threads

Recent Insights

Back
Top