[Web4lib] remote access patron authen.

Mark Sandford sandfordm1 at wpunj.edu
Thu Jan 17 13:27:19 EST 2008


I would suggest against using just a barcode for authentication if you're
worried about the effects of illegal access on your licensing agreements.
Worldwide, there are online forums where people post stolen authentication
data for databases.  Using just a barcode opens up the rather easy
possibility of people jumping from one barcode number to another.  They just
need to figure out which part of the barcode is static and which numbers
change, then it's trial and error till they hit on one that works.  A
user/pass system or a barcode/PIN combo is much more secure.

Anyone with an ezproxy type system might want to do a Google search for
their url stem (ezproxy.library.org) and see where they find themselves.  It
can be quite interesting.


-- 
Mark Sandford
Special Formats Cataloger
William Paterson University
(973)270-2437
sandfordm1 at wpunj.edu


More information about the Web4lib mailing list