Topic: How secure is the user-id dialog? (Page 1 of 1) $Pages that link to <a href="https://ozoneasylum.com/backlink?for=9686" title="Pages that link to Topic: How secure is the user-id dialog? (Page 1 of 1)" rel="nofollow" >Topic: How secure is the user-id dialog? <span class="small">(Page 1 of 1)</span>\$

hyperbole Paranoid (IV) Inmate From: Madison, Indiana, USA Insane since: Aug 2000	posted 09-30-2003 21:15 I was having a discussion with a friend about the user-id/password box that pops up on some web pages and I said I had heard some time ago that these boxes are as secure as you would need to protect a site or a page. He said he thought they had been hacked in the last couple of years and you need extra security measures to make sure unauthorized people don't get into the site. Does anyone know how secure the user-id/password dialog provided by .htaccess is? -- not necessarily stoned... just beautiful.
Slime Lunatic (VI) Mad Scientist From: Massachusetts, USA Insane since: Mar 2000	posted 09-30-2003 22:09 Over a secure connection, they're as secure as anything. Without a secure connection, even though the password is encrypted on the server, one could intercept someone's login on the way to the server and determine what their password is.
Hiroki Paranoid (IV) Inmate From: NZ Insane since: Dec 2002	posted 10-01-2003 12:36 Is that something like https or those kind of things, Slime? Hiroki Kozai
hyperbole Paranoid (IV) Inmate From: Madison, Indiana, USA Insane since: Aug 2000	posted 10-02-2003 17:28 Yes Hiroki, He's refering to accessing the page through SSL. These pages usually use the .shtml extension. Thanks Slime. Do you have any idea the encryption size used by apache for the passwords? -- not necessarily stoned... just beautiful.
Slime Lunatic (VI) Mad Scientist From: Massachusetts, USA Insane since: Mar 2000	posted 10-02-2003 19:22 Yeah, I was referring to https. (.shtml doesn't actually have anything to do with security; it usually has to do with SSI includes on the server.) I'm not sure what the encryption size is. If you need more information, you should search google for something like "htpasswd".

Topic: How secure is the user-id dialog? (Page 1 of 1) $Pages that link to <a href="https://ozoneasylum.com/backlink?for=9686" title="Pages that link to Topic: How secure is the user-id dialog? (Page 1 of 1)" rel="nofollow" >Topic: How secure is the user-id dialog? <span class="small">(Page 1 of 1)</span>\$

hyperbole
Paranoid (IV) Inmate

From: Madison, Indiana, USA
Insane since: Aug 2000

posted 09-30-2003 21:15

I was having a discussion with a friend about the user-id/password box that pops up on some web pages and I said I had heard some time ago that these boxes are as secure as you would need to protect a site or a page. He said he thought they had been hacked in the last couple of years and you need extra security measures to make sure unauthorized people don't get into the site.

Does anyone know how secure the user-id/password dialog provided by .htaccess is?

-- not necessarily stoned... just beautiful.

Slime
Lunatic (VI) Mad Scientist

From: Massachusetts, USA
Insane since: Mar 2000

posted 09-30-2003 22:09

Over a secure connection, they're as secure as anything. Without a secure connection, even though the password is encrypted on the server, one could intercept someone's login on the way to the server and determine what their password is.

Hiroki
Paranoid (IV) Inmate

From: NZ
Insane since: Dec 2002

posted 10-01-2003 12:36

Is that something like https or those kind of things, Slime?

Hiroki Kozai

hyperbole
Paranoid (IV) Inmate

From: Madison, Indiana, USA
Insane since: Aug 2000

posted 10-02-2003 17:28

Yes Hiroki,

He's refering to accessing the page through SSL. These pages usually use the .shtml extension.

Thanks Slime. Do you have any idea the encryption size used by apache for the passwords?

-- not necessarily stoned... just beautiful.

Slime
Lunatic (VI) Mad Scientist

From: Massachusetts, USA
Insane since: Mar 2000

posted 10-02-2003 19:22

Yeah, I was referring to https. (.shtml doesn't actually have anything to do with security; it usually has to do with SSI includes on the server.)

I'm not sure what the encryption size is. If you need more information, you should search google for something like "htpasswd".

Post Reply

Your User Name:
Your Password:
Login Options:	Remember Me On This Computer

Your Text: Insert Slimies » Insert UBB Code » Close Last Tag \| All Tags UBB Help	Loading...
Options:	Show Signature Enable Slimies Enable Linkwords

Topic: How secure is the user-id dialog? (Page 1 of 1)

Insert Slimies »

Insert UBB Code »