I'm developing an ASP.Internet website and added another layer of protection to my customers.

Once they login from the new machine they will have to setup that new machine with this site after responding to 3 security questions.

How do i do that?

Snacks? Can there be every other way?


One option is to trace known IP addresses. You can pressure the consumer to reply to the questions when the request comes from a mystery IP.

Make use of a persistent cookie. When the persistent cookie value does not match something you've saved in your database, make sure they are answer the questions, after which set a persistent cookie value.

Once they login from the new machine

You need to track customers who's machines are new aimed at your website. The only real possible method for you to accomplish this dependably is thru using snacks. When they weren't for your site before, they will not have passed your cookie along throughout the request.

If the consumer is missing your cookie once they first request the page (presuming this really is after login?), then encourage them to answer the questions. When the questions happen to be passed effectively, mark this inside your database having a key and appearance future demands for any cookie that contains this key.