Re: achieve password encryption
From: Pete (peted)
Date: 12/02/03
- Next message: Bob Erwin: "Re: User.IsInRole not redirecting"
- Previous message: bigMAC: "Again: Protecting ConnectionString in web.config"
- In reply to: Anton Sommer: "Re: achieve password encryption"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 2 Dec 2003 07:37:44 -0000
> Well I meant anyway encrypting the password on the way from the client to
> the webserver, so is SSL then the only opportunity there? How could I
> achieve it or are there different solutions to secure the transmission of
a
> password on the way from the client to the webserver.
>
I'd say SSL is the way to go as any technology you employ on the client
could be
open to abuse. Besides, SSL does it all for "free" for you (apart from a
slight
performance overhead)
A client side solution would probably be script based unless your thinking
of
installing assemblies (possible if it's in the intranet though).
I think client-side code should be kept to a minimum...especially when it's
security related.
HTH
Pete
- Next message: Bob Erwin: "Re: User.IsInRole not redirecting"
- Previous message: bigMAC: "Again: Protecting ConnectionString in web.config"
- In reply to: Anton Sommer: "Re: achieve password encryption"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
