Or do you think this will just increase the amount of failed login attempts?


maybe at least enter the first letter of the county, lol hope they won't mess that up

Or do you think this will just increase the amount of failed login attempts?


Not if you drop a cookie on the users local machine. They would only have to provide that info the first time or any time they delete cookies.

Or do you think this will just increase the amount of failed login attempts?


Honestly, I do think this would increase failed login attempts ... you would be surprised, there are lots of bad typists out there and also people just in a hurry to plow through stuff like login forms, etc. I think you would frustrate people. The ideal goal is to provide security with as few obstacles to your visitor as possible.

Other ideas...
1. You could use zip-codes instead (just numbers and only 5 of them)
2. Or use area codes even (just 3 numbers unique to their location)
3. You could log and display the visitor's IP to remind them that they really are NOT anonymous
4. As mentioned, you could use cookies to remember some of the extended steps of a login

The greatest danger to people breaking security on your site is probably either...
1. Brute-force attacks -- trying lots of User-name/Password pairs
The best defense against this is enforcing strong passwords for your clients -- which is sure to annoy some people when they can't use the same password for every website so they can remember their passwords. And limiting the number of login attempts during a given timeframe or from a given IP (which is fraught with peril due to shared IP blocks)
2. Social-engineering -- getting people to voluntarily give up their login information in a web-forum (such as this) or other context and pretext.
This is the most common and likely scenario where someone gains access to other peoples information -- and there is nothing you can do about it. Maybe you could enforce changing the password regularly -- which is sure to annoy some people ... as above.

There is only so much you can do. If you have secure server-side scripts and secure SQL protocols and feel confident that a hacker can't access your server environment when not using a client login ... then implementing too many barriers to legitimate access to client resources will only make people discouraged with using your site.


Here's one possible model you might employ ...

1. Visitor arrives at your site

2. Test for existing cookie
2a. if so => PASS
2b. if not => next step

3. Require user login
3a. new user registration
3b. limit login failed-attempts
3c. lost password retrieval via on-record email
3d. login success => next step

4. capture visitor IP (easy) and compare to visitor geographic location (*)
4a. matched user-location to visitor current location => PASS
4b. no-match => next step

5. Require user to enter geographic unique identifier of their primary residence (ZIP or Area Code)
5a. able to provide this => PASS
5b. unable to provide this => FAIL

This way you provide as many opportunities as possible to have the visitor avoid going through the extra security-verification steps, but they go through them if needed.

By resolving the IP to the geographic location you reduce the chance for a hacker (that is not the user's neighbor anyway) to know the additional information needed to complete the login, even if they obtain the username/password somehow.

This does pose an additional barrier to the legitimate user when they are not in their home-town (away on business, etc) and does not provide security against hackers in the same geo-lcoation ... but as a compromise might be additional security against hackers in a different town, state or country.

Just something to think about ...


Wow! Thanks everyone for the great advice!