Question about website security.

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

I am going to start a website project.
Login is a part of it, I do trust that this part is really common,
and I think there is same standard way to provide enough security.

I am using IIS6 & ASP.

I designed just checking by request.form()

Please advise, thank you.

Re: Question about website security.

Quoted text here. Click to load it

Hi Cylix,
"Login" is a big topic, and you haven't been specific about what you
need at all. Is your Web site public (on the Internet) or private (on an
Intranet)? What degree of security do you want? Will a simple
userid/password be enough, or do you want something more sophisticated?
Does the challenge/response need to be encrypted as it travels over the
network? What's the consequence of your security getting hacked?

Answering those questions is only a start. I don't mean to discourage
your enthusiasm, but a poorly implemented logon form will provide a
false sense of security which might well be worse than none at all.
Since you don't know how to ask for what you need, my guess is that you
won't be able to construct a secure logon form. Please don't take that
as a personal insult or criticism, it is just a statement of fact. It is
a non-trivial subject that takes some time to understand. Ask yourself
the questions above, read a bit about Web security in general, then ask
again. You'll have a much more answerable question next time around.

Good luck

Philip /
Bulk HTML validation, link checking and more

Site Timeline