[pmwiki-users] Making passwords more powerful
randy at brownragfilms.com
Tue Dec 25 15:12:09 CST 2007
I can imagine three features that would allow administrators to
combine user-authentication and page passwords in very powerful ways:
1) a wildcard authorization group, where belonging to any
authentication group that matches the wildcard means belonging to the
larger group. For example, anyone who belongs to @Ustudents or
@Ulecturers would be a member of @U* automatically.
2) a password group, where you could change the password for the
password group and it will affect all pages that contain the password
group as a password. For example, if a page called SubscriberPage has
a password &SecretPassword - where & indicates a password group - and
if the &SecretPassword password is set to DecemberPassword, then
anyone who enters DecemberPassword would be allowed access to
SubscriberPage. This allows changing passwords on groups of pages
without requiring accounts for the users. (The members of a password
group would not be "authenticated users", since they haven't
authenticated their name. It's just a level of indirection for
passwords.) I recently added this suggested feature (not the syntax)
3) a password-only login form or option for the standard login, which
pops up in two circumstances: (a) when a password-only attribute is
set to On for the page or (b) when the user has already authenticated
identity. Then authenticated users could add additional passwords
without being confused by seeing user name on the form. This option
would also be used for pages of a guest section of the wiki, where the
presence of Name on the login form only confuses the user.
Does anyone else think these features would be useful? Has all this
already been considered?
A relatively new PmWiki-fan,
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the pmwiki-users