|
|
Posted by Scott on 03/09/06 22:47
Peter,
You might consider having a single login for the whole club, if the data
you're hiding is not confidential. This will cut down on your coding
time a bit, and you can still use cookies to bypass the login after the
first time. I had a successful outcome doing this on a club site before.
Scott
Peter Chant wrote:
> I'm considering setting a website up for a club. I do not plan the contents
> to be for public consumption, but on the other hand I'm not going to have
> anything on there that is confidential, that would cause a problem if it
> went further.
>
> The basic reason is for publicity of club events. I want to make it easy to
> use. I suspect a login with a password would be too much effort for most
> people. I also note that computer literacy is not a skill all of them
> have, the sort of people who have not got the computer skills to be
> confident to shop on Amazon.
>
> Basically the problem is communication. Some of them read quarterly
> newsletters, some of them bin them. I send the occasional email out with a
> list of events, but if I do it too often some of them will start ignoring
> them. I have found telephoning people individually to be very successful,
> but I am not paid to do it and have a life.
>
> However, I need to be proactive rather than take the curl up and die
> approach. For those who are keen on the idea a website might help.
>
> I suspect that security through obscurity is just to lax, a url
>
> http://foo.bar/tbntrjvoprnio/index.html
>
> is just pointless.
>
> My plan is as follows:
>
> 1. Make them log in using their email address as a username. Email them
> their passwords first.
>
> 2. For people who have cookies enabled, store a cookie on their computer
> identifying them.
>
> 3. Use the cookies for future logins. Perhaps change the cookie at the
> start of each session. Perhaps make this expire.
>
> Alternatively, or if cookies are off, I could require a code, used for one
> session only, to be used for a session. The user would enter their email
> address. If it matched a list then the code would be sent to the user via
> email and they could use it as a password.
>
> Any thoughts? I do not want to make a special mail shot just to give
> everyone passwords by mail. Too much effort and cost for too little
> reward.
>
>
>
Navigation:
[Reply to this message]
|