login-system

What is the best approach of creating a login System?

I am always wondering that the login systems I have created is vulnerable to attacks or not. As many other programmers I also use sessions to hold a specific token token to know the login status. Cookies to hold the username or even sometime saved status. What I am wondering is, Is this the right way? Is there any approach better than...

Drupal Modify Login System

Hi all, I'm newbie in drupal... I have a drupal website, and i want to extend its login system - i've been looking around the code but end up with headache. what i wan to do is: I want to put additional hidden form inside any login form create a session variable that will be used on login process (after user click submit) and then de...