I want to generate a url that cannot be bookmarked. It will have to be constructed using some random characters.
Suppose I use java.util.Random to create the random part of my url using 30 characters how easy would it be for a person to guess that url?
What can I do to make my url hard to be guessed?
What can I do to prevent some hacker from programmatically trying out a number of options to connect to my url?
My url is intended for one time use. It will be mailed to a person and he can use it to do some secure operation that should not be permitted to any one else. The validity of the link expires in a short period of time.
My company uses a secure mail product that does something like that. It sends you a link to your document along with a generated userid & password that you must enter to get into the site. [ December 22, 2005: Message edited by: Stan James ]
You could use the HTTP GET array, which stores variable names and values within the URL itself. That way you can make one page that accepts a secret variable value you include in the link sent to someone.
Thanks for your responses. What is the product that you are referring to Stan? I dont think using a product is a viable solution for me.
Peter, can you tell me how secure the solution you suggested is? What kind of measures can I take to prevent it from being hacked by some one who will try out all random combinations possible, programmatically or something?
Originally posted by Janis Lee: Thanks for your responses. What is the product that you are referring to Stan? I dont think using a product is a viable solution for me.
Peter, can you tell me how secure the solution you suggested is? What kind of measures can I take to prevent it from being hacked by some one who will try out all random combinations possible, programmatically or something?
Janis,
It's quite simple. If you create a String of 64 characters which is randomly generated, what is the possibility that someone could use brute force (aaaaa, aaaaab, aaaaac....) to arrive at the exact string you created? This each time, you create such a random string, and only you know about this string. No malicious hacker can guess such a String.
Post by:autobot
Not looking good. I think this might be the end. Wait! Is that a tiny ad?
a bit of art, as a gift, that will fit in a stocking
![[Logo]](/templates/default/mobile/images/mobile-moose.gif)
