mario kulka wrote:
The only reason I would think it would be hard to do is for someone to guess that the hash was made of his IP and not something else.Using the IP may be a very bad idea as it is *not* necessarily reproducible. For instance someone coming from a large company may be using 1 of 3 different relays (or more) for *each* request. There is nothing to guarantee that even during a single browsing session that a person will not come from multiple IP addresses. Also suppose I am on a dial/non-static IP, I log in, leave for an hour when I come back and reconnect my browser window hasn't changed, but there is a very good chance my IP has... On the flip side, a single IP can be used for many different users, which I would think decreases your security to the portion not including the IP....
http://danconia.org
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
