473,387 Members | 1,619 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > pros and cons for using https on a logon page?

Join Bytes to post your question to a community of 473,387 software developers and data experts.

Pros and cons for using https on a logon page?

1) What sorts of scenarios make the possibility of sniffing out a password a higher risk?

2) Do packets travel unencrypted over 802.11 wireless? Is it easy to sniff such
packets and catch a submit of a logon web page using http? Wireless strikes me as the
greatest risk.

3) Have you used http or https for Logon.aspx pages and why?

4) Anyone know if IIS on Windows Server 2003 has https built in? Easy or hard to
configure?

5) If one uses https does one have to do any different code in the CodeBehind for the
web page? Or is that all handled in the IIS configuration and Web.config?

6) How does one redirect from an https logon back to the http page the user logged in
on? Does the http part show up in the RETURNURL argument?
Dec 4 '05 #1
1 1574
Hi Randall,

I'd recommend reading this article regarding switching betweeen HTTP
and HTTPS automatically:

http://www.codeproject.com/aspnet/We...ecurity_v2.asp

You can install the free SelfSSL as part of the IIS resource kit. Users
will get a warning that your certificate is not trusted, but the
connection will be encrypted:

http://www.microsoft.com/downloads/d...displaylang=en

RapidSSL has pretty cheap trusted SSL certificates:

http://www.rapidssl.com/ssl-certific...e-rapidssl.htm

Regarding your questions:

1. if someone can see a packet going to your server, they can see the
password if not using SSL.

2. if using encrypted wireless, then no. But the leg of the trip that
does not go over encrypted wireless will not be encrypted.

3. yes. to increase user trust, and to prevent packet sniffing

4. IIS supports SSL, but you need an SSL certificate.

5. you won't need to change any code. you can enforce SSL using IIS

6. see the first link

Cheers

Neil

Dec 4 '05 #2
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

5
What is pros/cons of using XSLT?
by: Fred | last post by:
Not much expertise on XSLT and trying to understand it's uses when creating apps in VS.NET? If I wanted flexibility on the UI (View aspect of M.V.C.): - How does it compare with creating...
.NET Framework
2
pros and cons of using stored procedures for VB app ?
by: scott | last post by:
Hi, Just wondering what sort of problems and advantages people have found using stored procedures. I have an app developed in VB6 & VB.NET and our developers are starting to re-write some of the...
.NET Framework
2
pros and cons of using stored procedures for VB app ?
by: scott | last post by:
Hi, Just wondering what sort of problems and advantages people have found using stored procedures. I have an app developed in VB6 & VB.NET and our developers are starting to re-write some of the...
.NET Framework
0
posting login credentials and __VIEWSTATE using HttpWebRequest fails
by: msnews.microsoft.com | last post by:
I have been raking my brains on why this does not work. I get back the same login screen again instead of the home page redirection which should occur after a successful login: 'create a cookie...
ASP.NET
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!