Welcome to WebmasterWorld Guest from 54.226.238.178

Forum Moderators: mack

Message Too Old, No Replies

Password Protection

How to use passwords for website and download access

     
11:59 pm on Jun 11, 2002 (gmt 0)

Full Member

10+ Year Member

joined:Aug 10, 2001
posts:331
votes: 0


Hi there

Being highly un-technical, I'm not really sure how this all works...

We are currently developing products that require:
1) Delivery of one-time download URLs
2) Delivery of usernames and passwords for area access on a website

And all this needs to happen in conjunction with our online payment system (WorldPay).

It is scaring me. ;)

Help?

Thanks, Cy

6:40 pm on June 12, 2002 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member lorax is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Mar 31, 2002
posts:7575
votes: 0


Whoof, well it is possible but it won't be easy to make it bullet proof. Do you know any programming languages?
10:37 pm on June 12, 2002 (gmt 0)

Full Member

10+ Year Member

joined:Aug 10, 2001
posts:331
votes: 0


Hi Lorax, thanks for the reply.

Well, I coded my degree dissertation in Fast Basic ;)

Seriously though, no, but since this post I've had a look and there seems to be a couple of off-the-shelf packages available at fairly reasonable rates.

Does anyone have experience of these types of software, and which might be the best?

Ta, Cy

2:10 pm on June 13, 2002 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member lorax is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Mar 31, 2002
posts:7575
votes: 0


Personally, I hand build this type of functionality. Could you provide a list of the packages you found - that may help.

On the other hand. If you've worked with any programming language then you should at least have a concept of logic constructs like if then else and are aware there are functions to help you achieve some of the basic tasks. I'd suggest you consider learning PHP. It's a scripting language and very easy to learn the basics of.

8:46 pm on June 13, 2002 (gmt 0)

Full Member

10+ Year Member

joined:Aug 10, 2001
posts:331
votes: 0


OK, there's this one... [illmatic.net ] which looks the best to me.

There's also a whole load of scripts here...
[hotscripts.com ]

I would use one of the free scripts, but I really need ease of use, mininal setup time etc., and for passwords to be delivered by email etc.

Cheers, Cy

2:35 am on June 14, 2002 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member lorax is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Mar 31, 2002
posts:7575
votes: 0


Well, Illmatic will give you the secure access but I didn't see a way for it to be tied into a one-time download. Which means you'll need to write the code.

Like I said before I hand build these so I'm not familiar with the scripts you've indicated.

I suggest you bring this to the attention of the Perl, PHP, and Python scripting board. A lot of folks visit there and may be able to offer you additional insight and/or ideas.

Sorry I couldn't be more help.

BTW - reference this thread so folks can get a historical perspective of what you're after.

GB

4:41 am on June 16, 2002 (gmt 0)

Full Member

10+ Year Member

joined:Aug 10, 2001
posts:331
votes: 0


Great suggestion lorax, thanks.

Cy

4:27 pm on June 17, 2002 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Aug 26, 2001
posts:1076
votes: 0


hmmmmm..... i set up loads of sites with worldpay.

what happens if you provide one-time download URLs and the download doesn't complete? the answer is that you could be spending a lot of time sending the product to the customers, arguing with customers, responding to chargebacks and so on.

providing intangible sales also leaves you wide open to fraud as customers do not need to give you genuine postal addresses. that means they could use any valid credit card number and by the time you get the order through, they will have downloaded the product. you will then very probably be charged back.

why not send goods in tangible form instead? printing documents or burning CDs doesn't take much effort, is fairly cheap, makes your product look more professional, and helps prevent fraud. the only way a customer could get the product would be through the post - no fraudster in his right mind would use his real postal address as this would mean they could be traced. where a real address is required for delivery, fraudsters often don't bother.

sure, this isn't a rule, but it certainly helps.

11:44 pm on June 17, 2002 (gmt 0)

Full Member

10+ Year Member

joined:Aug 10, 2001
posts:331
votes: 0


Hi Crazy_Fool

Thanks for those helpful comments. I see that the one-time download thing definitely has drawbacks now, so I'm thinking of just providing them with a password to an area where they can download their product.

The sale price is very low (under $5), and the product unlikely to be attractive to fraudsters. I'm just betting we can get a good amount of impulse buys at that level.

We already provide very similar products in tangible form, but I think with this one it's immediacy the customer is after.

Thanks again

Cy

8:20 am on June 19, 2002 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Aug 26, 2001
posts:1076
votes: 0


fraudsters don't just "purchase" products they may be interested in, they commit fraud purely for the sake of committing fraud. it doesn't really matter what the product is or whether they want it, they will attempt to get it for the sake of getting it.

if immediacy is vital and downloads are a must havee, have a free limited (trial) version of whatever available for download prior to purchase, and the full product can be sent by post. there is very little that the vast majority of people cannot wait a day or two for.