Identificarse | Registrarse | FAQ
Anonymous

Comment créer mot de pass à usage unique

+ Publicar una respuesta

6 mensajes Página 1 de 1


Comment créer mot de pass à usage unique

por Sbill06 » Mié Oct 03, 2012 9:38 am

Bonjour,

Je souhaite réaliser une base de données avec des mots de pass pré établis par moi et qui permettraient à ceux qui connaissent leurs password d'accéder à certaines informations. Mais comme il s'agit d'une page qui offrira un bon d'achat, je souhaite que l'utilsateur puisse utiliser une seul fois son mot de pass (car je ne souhaite pas qu'il transmette son mot de pass à un ami) ou qu'il puisse accéder à la page php + qu'une fois.

Merci de vos conseils ou éventuels scripts

Marie

Última edición por Sbill06 el Jue Oct 04, 2012 7:08 am, editado 1 vez en total

Avatar de Usuario

Sbill06

  • Mensajes: 2
  • Registrado: Mié Oct 03, 2012 9:25 am

Re: Comment créer mot de pass à usage unique

por XainPro » Mié Oct 03, 2012 3:41 pm

vous faire propre.
et de faire comme lui sur la première connexion, l'utilisateur ne devrait avoir à changer leur mot de passe!
Avatar de Usuario

XainPro

  • Mensajes: 3933
  • Registrado: Vie Feb 17, 2012 8:10 pm

Re: Comment créer mot de pass à usage unique

por Sbill06 » Jue Oct 04, 2012 4:08 pm

XainPro escribió:vous faire propre.
et de faire comme lui sur la première connexion, l'utilisateur ne devrait avoir à changer leur mot de passe!

J'étais heureux d'avoir une réponse à ma demande, mais snif, snif, je comprends rien à cette réponse
Marie
Avatar de Usuario

Sbill06

  • Mensajes: 2
  • Registrado: Mié Oct 03, 2012 9:25 am

Re: Comment créer mot de pass à usage unique

por XainPro » Vie Oct 05, 2012 11:38 am

désolé
j'ai dit que votre propre script
Avatar de Usuario

XainPro

  • Mensajes: 3933
  • Registrado: Vie Feb 17, 2012 8:10 pm

Re: Comment créer mot de pass à usage unique

por Dawncrichardson » Jue May 02, 2019 11:04 am

Create a One Time Password (OTP) in PHP

Step 1

Create the file otppass.php with the following code:
<?php
/**** ANANT ONE-TIME PASSWORD EXAMPLE ****/

session_start(); //STARTING THE SESSION AND THE

session_set_cookie_params(360);//SESSION EXPIRES IN 6 MINUTES

// USERNAME AND PASSWORD ARRAYS

$user = array(
'user1' => annat,
'scott' => tiger,
‘anat’ => xxxxxxx,
);

$phone = array(
'user1' => '+5353535333,
'scott' => '+44243535353,
anat’ => '+23554444444,
);

// Login information for anant NG - SMS Gateway
$anant_user = "admin";
$anant_password = "abc123";
$anant_url = "http://127.0.0.1:9501/api?";


// Functions used to send the SMS message
function httpRequest($url){
$pattern = "/http...([0-9a-zA-Z-.]*).([0-9]*).(.*)/";
preg_match($pattern,$url,$args);
$in = "";
$fp = fsockopen("$args[1]", $args[2], $errno, $errstr, 30);
if (!$fp) {
return("$errstr ($errno)");
} else {
$out = "GET /$args[3] HTTP/1.1\r\n";
$out .= "Host: $args[1]:$args[2]\r\n";
$out .= "User-agent: anant PHP client\r\n";
$out .= "Accept: */*\r\n";
$out .= "Connection: Close\r\n\r\n";

fwrite($fp, $out);
while (!feof($fp)) {
$in.=fgets($fp, 128);
}
}
fclose($fp);
return($in);
}

function anantSend($phone, $msg, $debug=false){
global $anant_user,$anant_password,$anant_url;
$url = 'username='.$anant_user;
$url.= '&password='.$anant_password;
$url.= '&action=sendmessage';
$url.= '&messagetype=SMS:TEXT';
$url.= '&recipient='.urlencode($phone);
$url.= '&messagedata='.urlencode($msg);

$urltouse = $anant_url.$url;
//if ($debug) { echo "Request: <br>$urltouse<br><br>"; }

//Open the URL to send the message
$response = httpRequest($urltouse);
if ($debug) {
echo "Response: <br><pre>".
str_replace(array("<",">"),array("<",">"),$response).
"</pre><br>"; }
return($response);
}


//FUNCTION TO GENERATE ONE-TIME PASSWORD
function anantOTP($length = 8, $chars = 'abcdefghijklmnopqrstuvwxyz1234567890')
{
$chars_length = (strlen($chars) - 1);
$string = $chars{rand(0, $chars_length)};
for ($i = 1; $i < $length; $i = strlen($string))
{
$r = $chars{rand(0, $chars_length)};
if ($r != $string{$i - 1}) $string .= $r;
}
return $string;}


//IF DEBUG VARIABLE IS TRUE, THE RESPONSE OF THE HTTP REQUEST WILL BE WRITTEN TO THE SCREEN
$debug = false;

// IF NOT POSTED ANYTHING YET, THE LOGIN PAGE IS LOADING
if (emptyempty($_POST)){
$i=0;
echo('
<html>
<body>
<h1>One Time Password Form</h1>
<form method="POST">
<table border=1>
<tr>
<td>Username:</td>
<td><input type="text" name="username"></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="password"></textarea></td>
</tr>
<tr>
<td> </td>
<td><input type=submit name=submit value="Get Otp" OnClick="anantSend(this.form);"></td>
</tr>
</table>
</form>
</body>
</html>');}

//IF OTP HAS POSTED YET, anantOTP FUNCTION WILL GENERATE ONE
if (emptyempty($_POST['otphtml'])){
$_SESSION['otp']=anantOTP();


// CHECKING USER CREDENTIALS
if ($password!=$user[$username] || ((emptyempty($_POST['username']) && (!emptyempty($_POST['password'])))) || (emptyempty($_POST['password']) && (!emptyempty($_POST['username']))))
echo ('Please enter a valid username or password!');
elseif ((!emptyempty($_POST['submit'])) && (emptyempty($_POST['password'])) && (emptyempty($_POST['username'])))
echo ('No username or password entered');

elseif($password=$user[$username]){

//SENDING THE PASSWORD AND LOADING THE OTP-VERIFYING PAGE
anantSend($phone[$_POST['username']],'Dear '.$username.'! Your One-Time password is: '.$_SESSION['otp'],$debug);
echo (' <html>
<body>
<h1>Please enter your One-Time password to enter the site!</h1>
<form method="POST">
<table border=1>
<tr>
<td>Your One-time password:</td>
<td><input type="text" name="otphtml"></td>
</tr>
<tr>
<td> </td>
<td><input type=submit name=submit value="Confirm OTP"></td>
</tr>
</table>
</form>
</body>
</html>');
}}
else{

//IF AN OTP HAS ALREADY SENT, CHECKING ITS VALIDITY AND REDIRECTING TO THE PROTECTED CONTENT
$otp1=$_POST['otphtml'];
include('protectedcontent.php');}

?>
Step 2

Create another file protectedcontent.php.
<?php

if ($_SESSION['otp']==$otp1){
echo('<html>
<body><h2>You\'ve been successfully verified your One-Time Password</h2></body>
</html>');}

else { echo('<html>
<body><h2>Wrong Password!</h2></body>
</html>');}

?>

my review here
Avatar de Usuario

Dawncrichardson

  • Mensajes: 1
  • Registrado: Jue May 02, 2019 10:55 am

Re: Comment créer mot de pass à usage unique

por Curtisaevans1 » Jue May 30, 2019 7:54 am

The on demand passwords are disposable; once they are used, they will not work once again. Which must be reassuring for the massive swaths of individuals that ignore security professionals and utilize the same login across several accounts. Put simply, attackers cannot get the hands of theirs on a single element that could unlock the entire kingdom of yours.

The premise relies completely on you having the smartphone of yours by the side of yours. In that manner, it is much like two factor authentication protocols which kick into action whenever you attempt to sign in (first factor) as well as text you an unlock code (second factor). Several services - like Twitter, Facebook, and Gmail - offer two factor options. Get More Info
Avatar de Usuario

Curtisaevans1

  • Mensajes: 1
  • Registrado: Jue May 30, 2019 7:46 am


+ Publicar una respuesta

Página 1 de 1