During registration, I save things like username, password(secured), user data from the registration form. What other data is common to save. Is storing the ip address from which the user verified necessary? and how about the ip from which they registered? Is there a security reason to store this data, and is the effort worth collecting and storing all this data?
During registration, what server-side data should be saved in the database
297 Views Asked by twitter At
2
There are 2 best solutions below
0
Steve Nay
On
A lot of that information (especially IP address) is available in your server logs, so it may not be worth the extra effort to keep track of it with the user registration. If you were to start getting spam from a certain IP address, you could easily figure that out and block them using server logs, but there may be advantages to keeping tying that to specific user accounts.
I also like Rook's point about the "last IP address you used was X".
Related Questions in PHP
- How to add the dynamic new rows from my registration form in my database?
- Issue in payment form gateway
- How to create a facet for WP gridbuilder that displays both parent and child custom fields?
- Function in anonymous Laravel Blade component
- How to change woocomerce or full wordpress currency with value from USD to AUD
- General questions about creating a custom theme Moodle CMS
- How to add logging to an abstract class in php
- error 500 on IIS FastCGI but no clue despite multiple error loggings activated
- Composer installation fails and reverts ./composer.json and ./composer.lock to original content
- How to isolate PHP apps from each other on a local machine(Windows or Linux)?
- Laravel: Using belongsToMany relationship with MongoDB
- window.location.href redirects but is causing problems on the webpage
- Key provided is shorter than 256 bits, only 64 bits provided
- Laravel's whereBetween method not working with two timestamps
- Implementing UUID as primary key in Laravel intermediate table
Related Questions in DATABASE
- How to add the dynamic new rows from my registration form in my database?
- How to store a date/time in sqlite (or something similar to a date)
- Problem with add new attribute in table with BOTO3 on python
- When an E-R attribute should be perceived as a relationship attribute or as an entity set attribute?
- SQLAlchemy: efficient relationship loading in 3-way many-to-many relationship
- Cannot connect to Postgres Database when running Quarkus Tests with Gitlab ci
- Local or remote database with react-native?
- I want to edit a specific row in database
- How to enter data in mongodb array at specific position such that if there is only 2 data in array and I want to insert at 5, then rest data is null
- Open Web Library
- database login.py and register.py error showing 404 file not found and doesn't work
- SQL71561: SqlComputedColumn: When column selected
- Liquibase as SaaS To Configure Multiple Database as Dynamic
- Updated max input vars but table still shows error
- Spring does not map set of roles
Related Questions in SECURITY
- HTTPS configuration in Spring Boot, server returning timeout
- HSM ZKA control mask values
- OWASP Amass Subcommands
- Is there a need for BPF Linux namespace?
- Error when trying to execute a binary compiled in a Kali Linux machine on an Ubuntu system
- When sanitize/encode while implementing tags system like on SO
- spring security version in spring-boot-starter-security
- I am currently trying to implement a rudimentary firewall from a video I watched but the nimda worm detection is not working and i do not know why?
- Is it possible for `sudo` to fail temporarily with the correct password? Hacking suspected
- Is it viable proxying all my mobile apps requests, to some kind knowing that a request is coming from a secure source
- What abilities should I concentrate on while bug hunting, and how can I improve the quality of my bug bounty reports?
- System.ArgumentOutOfRangeException: I passed this error in every single program
- How to prevent users from creating custom client apps?
- Does server-side content security policy exist for youtube video player API, app, mod apks and website?
- Can we pass a hostname/IP address as a query string in a GET request in REST API
Related Questions in REGISTRATION
- When transferring mri t1 to mni152 spaces, the dimensions change and lose information, is that not a problem?
- how to connect registration form in the database in ms access vb.net
- Problem with login and register function i session Flask
- Issue with Registration: User Data Not Saving to Database (Django)
- Meta for developers - Verification code too short
- Encountering 404 Error When Posting Registration Data to Server Endpoint in React Application
- How do I have PBI filter out registration records that occur prior to any time gap of two years or more?
- How 'torch.nn.Functional.grid_sample' module actually works in the case of 2D gray scale image?
- Move "I am vendor" and "I am customer" at the top of the form before other fields in Dokan
- Django Rest Framework New User Registration with Admin activation
- Azure STT is giving error HttpResponseProxy{HTTP/1.1 400 Bad Request
- Save selected country from countries dropdown in WooCommerce registration
- Laravel login and redirect after registration fails
- Keycloak 21 Custom Registration Error: Expired Code
- Laravel - How to pass arguments to function in route controlller?
Related Questions in USER-REGISTRATION
- Automatically sending "Reset Password Reset" on user account registration
- Override public static
- Is there a way to assign group according registration source?
- Django Rest -api User registration
- Registration template not overriden in Keycloak 21
- How to troubleshoot Django registration error
- Getting ValueError when using UserCreationForm
- add_action hook is not working on user_register in wordpress
- Devise Registration Ruby on Rails - Migration Error: Duplicate column name
- wordpress plugins multiple user types registration with multple subscriptions for each type of user
- React Native MySQL User Registration
- When user registers, his credentials don't show up in DB
- Form Validation Errors Not Displayed in my HTML Template
- How do I add a WP user role select dropdown to the MEMBERPRESS registration form?
- Add WooCommerce dynamic country and state dropdowns to login or register forms
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
The IP address could change during a session for legitimate reasons. Other information provided by the HTTP header, such as the User-Agent is trivial to spoof so there is no added security in checking or storing these fields.
That being said I do like ssh and gmail's feature of "The last ip address you use was X".