WebApp Sec mailing list archives
Re: Should login pages be protected by SSL?
From: Stefano Di Paola <stefano.dipaola () wisec it>
Date: Tue, 21 Jun 2005 13:40:27 +0200
Il lun, 2005-06-20 alle 18:20, Amir Herzberg ha scritto:
Here is a simple question: should web login forms be always protected by SSL?
Hi I suppose the right answer is "it should". Well, sometimes there is no chance to use a SSL connection especially when you web site is located in a multi user web space, or a hired virtual server. I put together HMAC technology and form authentication to improve security on non secure situations.. Feel free to look a it on http://www.wisec.it/projects.php?lang=en hope it helps. Regards, Stefano -- ......---oOOo--------oOOo---...... Stefano Di Paola Software Engineer Email: stefano.dipaola_at_wisec.it Email: stefano.dipaola1_at_tin.it Web: www.wisec.it ..................................
Current thread:
- Re: [summary] Re: Should login pages be protected by SSL?, (continued)
- Re: [summary] Re: Should login pages be protected by SSL? Wolfgang Reder (Jun 24)
- Re: [summary] Re: Should login pages be protected by SSL? Michael Silk (Jun 24)
- Re: Should login pages be protected by SSL? Dave Ockwell-Jenner (Jun 22)
- Re: Should login pages be protected by SSL? Achim Hoffmann (Jun 23)
- RE: Should login pages be protected by SSL? Glenn Euloth (Jun 21)
- Re: Should login pages be protected by SSL? Peter Watkins (Jun 21)
- Re: Should login pages be protected by SSL? Amir Herzberg (Jun 21)
- Re: Should login pages be protected by SSL? Saqib Ali (Jun 21)
- Re: Should login pages be protected by SSL? Ian Rogers (Jun 21)
- Re: Should login pages be protected by SSL? Amir Herzberg (Jun 21)
- Re: Should login pages be protected by SSL? Achim Hoffmann (Jun 21)
- Re: Should login pages be protected by SSL? Amir Herzberg (Jun 21)
- Re: Should login pages be protected by SSL? Torsten Mueller (Jun 21)
- RE: Should login pages be protected by SSL? Almerindo Graziano (Jun 21)