Friday, 17 February 2012

Authentication of an ASP.NET Web application

Form authentication is the most commonly used authentication methods of all in ASP.NET programming. Depending on the Client requirement, as a programmer one might want to consider using the SSL throughout the site or at least on the login page. But overall, this approach is not so secure as it sends the User’s credentials to the server in clear context.

Lack of password policy, passing incorrect internal messages to the browser, using cookies and other insecure means to store the Users’ credentials, etc. are the possible deficiencies with decision of authentication policy in ASP.NET programming.

A web application’s authentication in ASP.NET can be further enhanced with the following:
> Password policy… enforcement of a password policy including strong passwords, password expiration, and possibly locking User accounts after some unsuccessful login attempts.
> Hashing of password… if you manage your authentication store, make sure to hash your all the passwords for the system
> Brute Force Attacks… introduction of a random delay of a few seconds on every login attempt will make the brute force attacks impractical to execute

At SPEC INDIA, our trained team of ASP.NET developers is eager to take care of any custom requirement from our probable Clients and prospects from all over the globe. If you have any requirement or queries, feel free to drop an email at our id lead@spec-india.com, we will be happy to assist you.

Happy ASP.NET programming!

5 comments:

  1. Its ture that a pic says more than you write. Very informative and beautiful blog it is. Thanks for sharing your ideas.
    Drupal Development

    ReplyDelete
  2. My cousin recommended this blog and she was totally right keep up the fantastic work!



    Custom Software Development

    ReplyDelete
  3. Thanks for your response Felcy. You may subscribe to our blog to receive our all the timely and knowledgeful updates. Feel free to post us at lead@spec-india.com if you have any requirements pertaining to ASP.NET development project outsourcing.

    We will be happy to assist you.

    Thanks and regards,
    SPEC INDIA Team.

    ReplyDelete