http://qs1969.pair.com?node_id=207071


in reply to Re: Hacking "explained"
in thread Filtering potentially dangerous URI schemas in <a href="...">

Funny, I mentioned exactly that example when post-discussing with hackmare. :) Mix the User-Agent with the pw before encrypting and the attacker must use or simulate the exact same browser. Just obscurity, yes, but better than nothing. :)

Using IP, as some would suggest, is generally a bad method, as it changes (sometimes every request) for lots of people.


You have moved into a dark place.
It is pitch black. You are likely to be eaten by a grue.