Is login & logout object... secure? 
Автор: Sinisa B.
Просмотрено 381,
Подписчики 1,
Размещенный 0
Hello everyone!
Regarding the LOGIN & LOGOUT object, I'm concerned that the current object doesn't have the option of protection via Re-CAPTCHA...
Only WSX5 forms have that built-in option...
How do we make it harder for spammers and others to break in via the WSX5 LOGIN & LOGOUT object?
Any "plug & play" solutions? 
Размещено
Hey Sinisa,
Check my post https://helpcenter.websitex5.com/ru/post/272594
Answer is no implementation !
Not only Bank gave 2FA configured (by SMS or email) .... almost websites now have it.
In fact into my first post, I have asked in January 2024 !!!! to implement 2FA security during login.
Today, no solution.
Good luck
Axel
Автор
Hi Axel,
Yes, that doesn't surprise me at all—I only use WSX5 to maintain the company's website, and now I work with a small employee database... that's why I'm asking all this.
By the way, for building websites (2-3 per year) I'm using NicePage + WordPress. When I switch to WSX5, it feels like I'm going back 10-12 years...
The problem with this software is that it has a large user base, and modernizing the code would require a completely new program that would not be compatible with the existing ones and would be too expensive to develop... so we probably can't hope for any modernization; at least they should work on security issues... it doesn't require a total code overhaul.
Axel, thanks for your comment!
Hello Sinisa,
Captcha methods are more commonly implemented when it comes to forms, as they can otherwise be subject to spam from bots, but I will report your feedback to improve the security of logins in case of attacks or similar situations.
wait. wait and continue to wait...
over the planet security is a major problem, but with WSX5 ... no problem...
Автор
@ Eric
Since WSX5 already uses Captcha in forms - pls. update this login & logout object with the same feature—thank you!
Автор
@ Axel
I took a look at the list of recent updates - this update would definitely not be cosmetic in nature or required by changes in the law... Maybe they'll do it this time?
...the login is already secure, because you have to be registered to access...
...anyway, ...there's a unique invention of mine that disables the submit button, encrypts the password, and requires confirmation with a copy/paste command, which a robot can't do...
...but there are forms and forms, sites and sites, and without a link to a real, working example online, providing the username and password, nothing works, as if I hadn't said before...
.
@KolAsim
the login is not secure because you are registered. !!!!!!
you cannot confirm by this way that the user which tryies to do a connexion is the good user
so 2fa send a confirmation to user by sms or email to check it
if no login in this case the credentials have been stolen
And your solution with the hash cannot guarantee that is the good user because non confirmation of the user by personnal thing - sms on his phone or email onnhis adress
so its why 2FA needs to be implemented .
hope to be more clear
Автор
@ Axel and KolAsim
I'm glad that two great experts on the forum took my question into consideration...
It would be great if Incomedia could solved this, it's very important issue for anyone who makes websites for clients (I personally don't with WSX5, I only maintain the website for the company I work for, but I still would like it to be more secure...)
@ KolAsim
As for the login form, it's for a standard (current) WSX5 Login & Logout object...
@ Eric (Incomedia)
Pls. try to push through this issue so that ie Login & Logout is secured as you already secured normal forms in the WSX5 - thank you!
I folow this...