Re: Web Authentication

From: Emilio Casbas <ecasbas@xxxxxxx>
Date: Fri, 28 Jul 2006 08:39:09 +0200

Maxim Kostyukov wrote:

What exactly you want to achieve by doing "better web authentication"?
In you case, what are those weaknesses with htpasswd scheme?

I am asking because it is almost impossible to answer your question
without additional info.

----- Original Message ----- From: "pimp mastermind" <gbchustla@xxxxxxxxx>
To: <security-basics@xxxxxxxxxxxxxxxxx>
Sent: Thursday, July 20, 2006 7:36 AM
Subject: Web Authentication

I have Slackware 10.1 runing. I am using it as a router and
fileserver. I use Apache 1.3 for web access. I have some web
directories which i want to secure more strongly than with htpasswd
but i dont know any other ways of authentication.

Never use basic authentication for confidential data.

Also a lot of my
scripts in those directories are wirted in PHP Perl and CGI scripting.
I need to find a better way of authentication? Does any one knows any
better way of authentication?

There are many ways to achieve this, you can look for digest authentication,
or you can make your own authentication script with SSL.

Thanks
Emilio C.

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------

References:
- Web Authentication
  - From: pimp mastermind
- Re: Web Authentication
  - From: Maxim Kostyukov

Prev by Date: Re: How to stop Admins from sniffing ?
Next by Date: Re: Deny client from obtaining IP address
Previous by thread: Re: Web Authentication
Next by thread: RE: Web Authentication
Index(es):
- Date
- Thread

Relevant Pages

Re: Web Authentication
... what are those weaknesses with htpasswd scheme? ... Well the problem with htaccess is that there is no mechanism that ... but i dont know any other ways of authentication. ... scripts in those directories are wirted in PHP Perl and CGI scripting. ...
(Security-Basics)
Re: Web Authentication
... What exactly you want to achieve by doing "better web authentication"? ... what are those weaknesses with htpasswd scheme? ... EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE ... The NSA has designated Norwich University a center of Academic Excellence in Information Security. ...
(Security-Basics)
Re: Vendor specific authentication protocol
... Why would you want to exchange text before the authentication phase rather ... >>>using these .scp dial up scripts which are used for automatical login. ... What the chat script for linux are the .scp scripts ... i don't find that possibility with .scp scripts. ...
(comp.protocols.ppp)
Re: Web Authentication
... Please use such programs only if you have a permission from the ... make a brute force attack to htaccess? ... but i dont know any other ways of authentication. ... scripts in those directories are wirted in PHP Perl and CGI scripting. ...
(Security-Basics)
Re: Web Authentication
... make a brute force attack to htaccess? ... > What exactly you want to achieve by doing "better web authentication"? ... >>scripts in those directories are wirted in PHP Perl and CGI scripting. ...
(Security-Basics)