Re: Strong vs. Weak Authentication
From: John Veldhuis (john.veldhuis_at_universal.nl)
Date: 05/01/03
- Previous message: megan: "Re: usb token"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 01 May 2003 09:39:06 +0200
Matt C wrote:
> What is the difference between Strong and Weak Authentication?
>
> I believe the typical HTTP username/password authentication is
> considered Weak. If I use the same approach but send the data over SSL
> does that make it Strong?
>
> If so, is that because of the use of Digital Certificates.
>
> A couple of simple examples would be very instructive.
>
> Thanks in advance,
> Matt
Hi Matt,
Sending the login data over SSL would make your login data more
confidential, but would not make the authentication stronger.
When you would let the webserver require two way ssl authentication, so
both the client and the server would authenticate themselves using
Digital Certificates, that would be more in the direction of strong
authentication.
Groetjes
John
- Previous message: megan: "Re: usb token"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
