AbleCommerce Shopping Cart Software


http://forums.ablecommerce.com/

Captcha useless

http://forums.ablecommerce.com/viewtopic.php?f=42&t=12050

Page 1 of 1

Captcha useless

Posted: Sat Aug 15, 2009 10:06 am
by Mr. Flibble
Does no one realise that the admin login captcha will do nothing at all to stop a brute force attack? The captcha answer is sent in cleartext in the html!
src="../Captcha.ashx?w=300&h=80&id=065375&sid=1&t=054202"

Can this be fixed please? I suggest you remove "CAPTCHA image on administrator login page to prevent brute force attacks" on the feature page until it is fixed.

Re: Captcha useless

Posted: Mon Aug 17, 2009 10:02 pm
by sohaib
That is because you haven't set your encryption key. Once you set the encryption key you will not see the captcha value in clear text.

Re: Captcha useless

Posted: Wed Aug 19, 2009 4:45 pm
by Mr. Flibble
OKi doki.
All times are UTC-05:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/