Introduction

This article will teach you how to authenticate users with Django in a simple, quick, and secure manner. You'll also learn how to require authentication on certain pages of your website, and how to gracefully handle login and logout functionality.

The target audience is people who have had minimal experience with Django, and are aware of how Django works in a basic manner.

Synergy is a popular application for sharing a keyboard and mouse between multiple computers on multiple operating systems using your network. One of it's biggest flaws is that the underlying protocol is unencrypted. This means that people could potentially read what you type remotely. This article describes a method for setting up an encryption layer for Unix-like and Windows machines as well as automatically starting Synergy on system boot-up without user-prompts.

While I have no doubt there are several articles on this subject elsewhere, I'm going to give you a walk through from my point of view about how you can set up synergy across multiple Windows and Unix-like systems securely.

This walk through will be divided into two parts. First will be Unix-like setup and the second part will be Windows setup.

What follows is a repost of my first article on nulldigital.net, on the 10th of May 2006. A long time ago, when I was all innocent! Good times. The original article as been modified slightly as I sounded like such a git back then. I know it's slightly simple for this site but since nulldigital.net is closing I want to repost the articles from there to neverfear.org. So lets get started..

Introduction

The scenario is you are without Internet connectivity anywhere. You have found either an open wireless access pointed or perhaps you're staying in a hotel which permits rented Internet via services like

Spectrum Interactive (previously known as UKExplorer). You make the connection, whether its physically connecting the Ethernet cables, or instructing you're wireless adapter to lock onto the radio signal. You are prompted with some sort of authorisation page when you open a browser. You don't have access to it, so what do you do?

Overview

Currently, most websites log you in the same way: You enter a username and password, the web-server hashes the password (generally via MD5(), or SHA1()). This hash is then compared to the one stored in a database - if it matches, the user knows the original password, so it logs them in.

This method has numerous problems, such as the password being sent unencrypted to the web-server, and the fact many users reuse passwords, if an intruder works out a users password (though any means), there is a good chance they can log into the same users email account, online banking etc etc..

The whole username/password login method has many flaws, most are down to the fact most people struggle to remember a single 5-6 character password, let alone multiple random messy looking passwords such as "Xm2K?pdT&av", as most "good password guides" suggest.