Last post Apr 02, 2011 07:56 PM by jerryjoseph
Apr 02, 2011 04:29 AM|Djavid|LINK
In my login page, im showing a captcha to the user ofter 3 unsuccessfull attempts. this works fine, only if the user closes the browser and reopen it, the session is lost, so then he has again 3 chances to login without seeing the captcha. i want to prevent
this, i want still to show the captcha even in that case. My question is, what is the best way to achieve that? by storing the ip address of the client? is it possible to get the ip address of the client always? even through proxies and firewalls?
Or maybe other suggestion for this goal?
Thanks in advance.
Apr 02, 2011 07:56 PM|jerryjoseph|LINK
Yes you have to log all the login attempts along with the ip address. This information can be used to implement the logic.
You can get the ip address through proxies. Check out the thread below.