Hexydec Security System

In order to be able to provide a personalised service to your customers via the Web, you may wish for them to have individual user accounts, with a secure username and password based login system.

Hexydec Security Logo Whether you want to control access to your Content Management System (CMS), or enable customers to view their orders in your E-commerce system, the ability to verify user credentials before allowing them access to certain parts of your Website is a must.

Comprehensive Security

Hexydec Security System is designed to seamlessly handle the security of your web pages, this comprehensive security system will be the gatekeeper to your web applications, which in turn provide access to your secure data.

Through a username and password control users can login to their account, their session security is then handled by the system to control their access, log them out after a time of no activity, and prevent unauthorised users from accessing the system using a brute-force attack, session hijacking and session fixation.

All passwords are stored in the database in a non-retrievable hashed format along with a randomly generated salt to prevent dictionary attacks, so even if the hashed passphases got into the hands of a malicious user, they would have to generate a new dictionary for each passphase stored in the system to retrieve the original password, which is computationally infeasible in cryptographic terms.

Group Based Permissions

The Hexydec Security System ties in with the Hexydec Framework by providing a database driven group based permissions system linked to the scripts registered in the Website navigation database, and through the use of a content management system, administrators can control user accounts, which group each user is in, and which pages each group has access to.

Password Reset Function

For when one of your users looses their password, the system has a built-in password reset function. Here, the user enters his/her username into a box, this then sends them an email with a link to reset their password (This is to make sure the password is not reset if someone else has requested the password reset, in which case they can ignore the email).

The email contains a link back to the website with a reset code, upon clicking, this presents the user with a box to enter and verify their new password. (Emails delivered using Hexydec MultiMail)

Security System Management

Other components may be required to manage the security system, administrators will need to manage the registered user accounts, or you may wish for each user to be able to update their own contact details or change their password.

Groups and permissions can be preconfigured, but you may require to have control over this also. For these tasks, customised components can be developed using Hexydec CMS Framework.

We can also develop other bespoke components to provide you with the functionality you require, such as account registration forms, statistics packages, or content management systems to edit user specific data in other database tables.

Fully Customisable

Hexydec Security System has been designed to be extensible and customisable, so if you have bespoke components to your user account database, or you want people to login with their email address, the setup and database binding can be customised in the configuration file. HTML output can also be easily customised and integrated with your branding.