Securing Our Site
Security isn’t what you came for. You probably didn’t sit down to build a web site saying to yourself, “My security model is going to blow people away!” Sadly, securing user passwords isn’t a sexy way to build your business—but who said protecting your business from disaster was going to be sexy? The real problem is that getting security right is hard. Just when you think your cute little hash and DIY cookie scheme is working, you realize there’s an attack vector that you’ve forgotten about. A quick browse through the history of cryptographic hash functions illustrates the difficulty of trying to get these things right. It doesn’t take too many smart, focused attackers to find a way for Eve, Mallory, and company to sneak into your site.
KeywordsLogin Request User Object Cryptographic Hash Function Public Class Public Void
Unable to display preview. Download preview PDF.