Login   Register  
PHP Classes
elePHPant
Icontem

Authen_DAP

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in del.icio.us Bookmark in del.icio.us
  Classes of Craig Manley  >  Authen_DAP  >  Download .tar.gz .zip  >  Support forum Support forum  >  Blog Blog  >  RSS 1.0 feed RSS 2.0 feed Latest changes  
Name: Authen_DAP
Support forum Support forum
Base name: authen_dap
Description: Slow down attempts to guess login passwords
Related classes: , , , , , , ,
Version: -
PHP version: -
License: GNU Lesser General Public License (LGPL)
All time users: 1497 users
All time rank: 2207
Week users: 0 users
Week rank: 2402
 

  Author  
Picture of Craig Manley
Name: Craig Manley <e-mail contact>
Packages: 5 Browse all classes by Craig Manley Browse all classes by
Country: The Netherlands The Netherlands - PHP jobs in The Netherlands
Age: ???
All time rank: 1914 in The Netherlands The Netherlands
Week rank: 1625 Down40 in The Netherlands The Netherlands Down
Innovation award
Innovation award
Nominee: 4x


  Detailed description  
This offers protection against automated attempts to guess login passwords also known as dictionary attacks.

It works by logging failed access attempts and when necessary it blocks the access to users that have failed to login too many times, as it may be an attack of a cracker using a dictionary of common passwords trying guess the correct password with an automated script.

The class uses a shared memory storage access class to keep track of the failed login attempts of each user.

  Groups   Rate classes User ratings   Dependencies   Applications   Files Files  

  Groups  
Group folder image User Management User records, authentication and session handling View top rated classes
Group folder image Security Security protection and attack detection View top rated classes


  Innovation Award  
PHP Programming Innovation award nominee
January 2005
Number 6
 One the types of attacks to breach the security of systems is to attempt to guess the access passwords of the system users.

Usually, the attacker resorts to dictionaries of common passwords that users tend to use, and try them all until one succeeds. This brute force attack method is usually known as dictionary attack.

This class provides a solution to protect against dictionary attacks a site that require the users to authenticate to have access to restricted pages.

It keeps track of login attempts to the same account, disabling access to that account for a given period after a few consecutive failed attempts.

This way, dictionary attack attempts are discouraged as they may take a very very long to be successful.

Manuel Lemos

  User ratings  
There are not enough user ratings to display for this class.

  Packages needed by this class  
Class Dependency Why it is needed
IPC Shared Memory
Required
 for shared memory

  Applications that use this class  
No application links were specified for this class.
Add link image If you know an application of this package, send a message to the author to add a link here.
  Files folder image Files  
File Role Description
Accessible without login Plain text file DAP.php Class The main class, based on an existing Perl class of mine.
Plain text file README.TXT Data Instructions
Accessible without login Plain text file tdap.php Example Example/test script for Authen_DAP.

Download all files: authen_dap.tar.gz authen_dap.zip
NOTICE: if you are using a download manager program like 'GetRight', please Login before trying to download this archive.