ASP Security

Results 1 to 2 of 2

Thread: ASP Security

  1. #1
    Join Date
    Dec 1969

    Default ASP Security

    Can anyone give me any advice or point me in the direction of any resources on the following topic.<BR><BR>I am currently developing a project to post timesheet and expense information into a SQL server based accounts package.<BR><BR>The timesheet forms, will be both internet and intranet based.<BR>Security on the intranet is not a problem, but obviously the internet is a different matter.<BR><BR>Users on the internet will be required to authenticate themselves via a userID and password, which will be stored in the Accounts package.<BR>Would the use of SSL provide a sufficient level of added security,or do I need more?<BR><BR>If so What?

  2. #2
    Join Date
    Dec 1969

    Default RE: ASP Security

    Make sure your SQL server is &#039;outside&#039; the internet, so the SQL server is not accesible from the internet, only through the IIS server. If your coding of the loginpage is good enough, and your Username an password are sent over an SSL connection *I* would not worry about security. However, if your data is so classified that nobody should never, never get their hands on it, don&#039;t publish it on the internet.<BR><BR>

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts