Results 1 to 2 of 2
  1. #1
    Join Date
    Mar 2004

    Unanswered: Primary Key choice

    I want to log login attempts. If you do 3 failed logins with the same username the account is disabled for 5 minutes.

    Now I got followoing table to log the data in MySQL.

    TStamp as timestamp
    User as char(15)
    IP_Address as char(16)
    Session as char(32)

    I was thinking to use timestamp as primary as this logfile is not very important. If 2 users do a failed login at the same second I simply would catch the mysql error and don't write the 2nd login attempt.
    Somehow I am not satisfied with this as it is a kind off faulty programming.

    An auto increment ID key has to be reseted somehow as it might get big fast in an environment with many short living log entries.

    Any Ideas how to solve this best?

  2. #2
    Join Date
    Jul 2004
    Dundee, Scotland
    use a field called logon_attempts, default it to 0 (zero).

    use a field called logon_block, timestamp.

    if the logon_block timestamp is in the future, the account is blocked. else if the user login is successful, set logon_attempts to 0 (zero) and let them in.

    if the user password is invalid use update table set logon_attempts=logon_attempts+1 where user...

    if the user password is invalid and logon_attempts = 3 they have had their 3 logon attempts, so you can lock the account by setting the contents of logon_block to 5 minutes in the future.
    Last edited by yellowmarker; 08-04-04 at 15:23.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts