One-time passwords offer solutions to dictionary attacks, phishing, interception, and lots of other security breaches. Here's how it all works.
MSDN Magazine May 2008
View Complete Post
Is it possible to authenticate a user using userDN and password? If so, then tell me the syntax.So far i have tried to authenticate using username and password from my c# code using directoryentry which takes the parameters like domainname,username and password. But i need to authenticate using Userdn and password.
Whenever I open my Crystal Report page, I am taken to the Database Authentication page where I am asked for
User name Data Name Password
Is there a way to avoid this and I save these authentication in my page once.
I am using VS2005, C#.
Any Help will be appriciated.
In my last column I introduced Password Minder, the tool I use to manage all of my passwords. It generates a long, random password for each site I visit, and makes it possible for me to use the most complex passwords possible, without ever having to see the actual password material or type it in manually.
MSDN Magazine October 2004
This article, the second of two parts, continues coverage of Web security for Windows. It introduces the Web Application Manager in IIS that allows Web processes to be isolated, decreasing the security risk associated with running in a logon session. The article then picks up where Part One left off-it discusses authentication methods such as basic authentication, digest authentication, integrated Windows authentication, and anonymous logons, and the benefits and drawbacks of each.
MSDN Magazine July 2000
I am using a function which requires a user name and password. I have written this username and password in my code behind file. How safe is it? If it is not safe, what are the risks and how to provide security to my code and application?
I need to deploy a WCF service hosted in IIS 7.5 which has the following constrains:
1) Using Windows Authentication
2) No server or client certificate is needed
3) Using either BasicHttpBinding or WSHttpBinding
4) Using Message Security, so that it is not possible to monitor the communication maliciously. (I think Transport Security is not possible without server certificate)
Is it possible to fullfil the above requirements simultaneously? Thanks for the reply in advance. I'll appreciate it:)
If anyone can please help me with this issue I would gladly appriciated and I thank anyone that can help and that takes the time to view this post. I have an application that has a user Login Control (provided by ASP). I am just now working with the integration of a dataBase created in MS visual studio 2010, to a developed website created in MS visual web developer 2010. My main goal is to create an authentication ticket that enables a user to be able to see a dataBase information only after that user has been successfully authenticated. Up to now I'm able to see the dataBase when i run the website even if I'm not log-in, can anyone please direct me in the right path to how i can create a home page that tells the user to log-in and once that user has successfully log-in it redirects the user to another page where the user can see the database and how I can add information to that dataBase only to specific members, thank you.
I have implemented forms authentication with ssrs 2008 r2. The problem is when I try to go to report builder it prompts for a user name and password. This doesn't work with the way we have our authentication setup. I have tried adding implementing the following:
but it still prompts for a username and password. Is there a way around this?
We are getting the following error, when we call a WCF service from IE. The service is developed in MS.NET 3.5 and hosted in IIS 6.0, Windows Server 2003 SP2
Security settings for this service require Windows Authentication but it is not enabled for the IIS application that hosts this service.
NOTE: The same is working GOOD in IIS 6.0, Windows XP SP2
"Integrated Windows Authentication" is enabled in the "Directory Security"
I want to accomplish wsHttpBinding with Windows Authentication and Message Security. I've created a test service and deployed on Windows Server 2008 and IIS 7.5.
The virtual directory has been assigned a application pool running under
custom account domain\username. Only
Windows Authentication is enabled on the virtual directory ( i DONT want anonymous access enabled).
I keep getting this error "Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service."
Below is my server config file. I've followed instructions at