.Net IIS security missing features
From: gg (asdfasd)
Date: 02/12/03
- Next message: Henry Ma: "Configuration Error"
- Previous message: Henry Ma: "Re: Access denied ( From one site to another, that is in another server)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "gg" <asdfasd> Date: Wed, 12 Feb 2003 13:24:07 -0800
Although .net has some nice user authentication features, it seems they
skimped or stop just short of a complete solution like
Account lockout features:
To help slow brute force attacks, there should be account lock
features that are configurable. Like number of trys, time to lockout the
account, etc.. This should have been implemented within the ISAPI for .net.
Please don't tell me to use a cookie, you will only show your ignorance.
Are we suppose to use IIS6, and will it have these featueres in
conjunction with the .net framework?
- Next message: Henry Ma: "Configuration Error"
- Previous message: Henry Ma: "Re: Access denied ( From one site to another, that is in another server)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
