I’m thinking about using flash for a login script (and hardcode the user/pass in the A/S). The number of users will be limited and administration minimal.
I have some questions though (surprise surprise ):
Is it possible to dissassemble a swf-file? So “evildoers” can read the user/pass directly from the actionscript?
Is it impossible to download a flashmovie from a website? I know there are dl-utilities that trawls through a site and give you the option to dl all of it, will this include the flashmovies too? (Very “niche”-question, I know, but highly relevant)
Because, in that case, I guess it would be possible to make a script that finds the user/pass through trial and failure…
This could be avoided though if I implement a “wait for XX seconds if 10 inlogging attempts failes”-thing…if you manage to fail 10 times you don’t deserve to get in ( ) and if you use a script to crack the pass/user you would need ages…
What do you think? Is using flash for login a good/bad idea?
The point isn’t to make a “Fort Knox”-script but to apply a moderate security.