[OWASP_PHPSEC] Captcha library in phpsec?

Minhaz A V minhazav at gmail.com
Wed Jul 9 10:28:26 UTC 2014


No its like, we have  a brute force identification method in
adv_password.php,
So we can do two things, recommend the developers to call recaptcha
functions when brute-force exception is thrown by phpsec
or
trigger recaptcha function (by default) when brute force is observed.

I like the 2nd one, it would ease developers' task!

Kind Regards,
Minhaz,
minhaz.cistoner.org


On Wed, Jul 9, 2014 at 3:52 PM, Abhishek Das <das.abhshk at gmail.com> wrote:

> ReCaptcha already has a really straightforward PHP API. I don't think we
> need a wrapper around it. Do we?
>
>
> On Fri, Jun 20, 2014 at 6:35 AM, Abbas Naderi <abiusx at owasp.org> wrote:
>
>> ReCaptcha from google is nice, we can have a wrapper on it. For a
>> PHP-only captcha, the problem is that we need font and imaging libraries
>> installed, not available on all systems.
>> -A
>>      ______________________________________________________________
>> *Notice:* This message is *digitally signed*, its *source* and
>> *integrity* are verifiable.
>> If you mail client does not support S/MIME verification, it will display
>> a file (smime.p7s), which includes the X.509 certificate and the signature
>> body.  Read more at Certified E-Mail with Comodo and Thunderbird
>> <http://abiusx.com/certified-e-mail-with-comodo-and-thunderbird/> in
>> AbiusX.com
>>
>> On Jun 19, 2014, at 7:08 PM, Minhaz A V <minhazav at gmail.com> wrote:
>>
>> since we are developing whole set of security libraries in here...
>> shouldn't we have one for captcha too?
>> developer could directly use it whenever brute-force exception is thrown
>> (for ex)
>>
>> We don't need to develop it, we can just provide good one bundled with
>> phpsec, so that developers do not have to fetch it!
>>
>> Minhaz,
>> minhaz.cistoner.org || cistoner.org
>>  _______________________________________________
>> OWASP_PHP_Security_Project mailing list
>> OWASP_PHP_Security_Project at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp_php_security_project
>>
>>
>>
>> _______________________________________________
>> OWASP_PHP_Security_Project mailing list
>> OWASP_PHP_Security_Project at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp_php_security_project
>>
>>
>
>
> --
> Abhishek Das
>  IIT Roorkee
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp_php_security_project/attachments/20140709/6a883715/attachment.html>


More information about the OWASP_PHP_Security_Project mailing list