log in

Discussion in 'HTML' started by steve, Oct 23, 2003.

  1. steve

    steve Guest

    Hi all

    I like to make a log in page for my customer so each customer will
    have there own user name and password and after they enter them user
    name and password they will be taken to the different pages.
    What is the secure way to do this.
    I found some JavaScript to do that but it look very unsecured.

    Thanks
     
    steve, Oct 23, 2003
    #1
    1. Advertising

  2. steve wrote:

    > Hi all
    >
    > I like to make a log in page for my customer so each customer will
    > have there own user name and password and after they enter them user
    > name and password they will be taken to the different pages.
    > What is the secure way to do this.


    In a nutshell:
    * Run everything over https so its encrypted
    * Have the password sent for every page, either using basic authentication,
    or cookies[1]
    * Authenticate the password with some process running on the server. The
    specifics depend on the features of the server.

    [1] Don't depend on one check and then given them an unprotected URI. That
    way leads to allowing the password to be bypassed

    --
    David Dorward http://dorward.me.uk/
     
    David Dorward, Oct 24, 2003
    #2
    1. Advertising

  3. steve

    steve Guest

    > steve wrote:
    >
    > > Hi all
    > >
    > > I like to make a log in page for my customer so each customer will
    > > have there own user name and password and after they enter them

    user
    > > name and password they will be taken to the different pages.
    > > What is the secure way to do this.

    >
    > In a nutshell:
    > * Run everything over https so its encrypted
    > * Have the password sent for every page, either using basic

    authentication,
    > or cookies[1]
    > * Authenticate the password with some process running on the server.

    The
    > specifics depend on the features of the server.
    >
    > [1] Don't depend on one check and then given them an unprotected

    URI. That
    > way leads to allowing the password to be bypassed


    How do I protect the page?
     
    steve, Oct 24, 2003
    #3
  4. steve wrote:
    > How do I protect the page?


    I explained it here: <bn9mjj$6tf$1$>

    Hint: If you need more detail about something, then don't full quote the
    reply and follow it with a repeat of the original question.

    --
    David Dorward http://dorward.me.uk/
     
    David Dorward, Oct 24, 2003
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Henrik_the_boss
    Replies:
    0
    Views:
    2,667
    Henrik_the_boss
    Nov 5, 2003
  2. Amratash
    Replies:
    0
    Views:
    532
    Amratash
    Apr 13, 2004
  3. =?Utf-8?B?VG9tIFdpbmdlcnQ=?=

    My.Log.Writeexception not writing to Application Event Log.

    =?Utf-8?B?VG9tIFdpbmdlcnQ=?=, Jan 20, 2006, in forum: ASP .Net
    Replies:
    0
    Views:
    2,389
    =?Utf-8?B?VG9tIFdpbmdlcnQ=?=
    Jan 20, 2006
  4. unomystEz
    Replies:
    0
    Views:
    560
    unomystEz
    Nov 19, 2006
  5. vj
    Replies:
    0
    Views:
    682
Loading...

Share This Page