.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

Secure Login

Posted By:      Posted Date: September 25, 2010    Points: 0   Category :ASP.Net

We will be releasing a site, one of the question I am trying to answer is "How do I know they are who they say they are?".

There are various ideas I have in mind in order to tackle question. At the same time, I do not want to put so much security constraint that it becomes cumbersome for clients to register and use the site for their benefit.

I am interested on hearing from anyone who has good suggestions or have implemented something of this sort.

View Complete Post

More Related Resource Links

Implement secure login to Access 2010 web db


Users should log in to web-published db with their individual ID and password.  Then they can ONLY see/edit/add to data that matches their ID.  How do I set this up in Access 2010, publishing via Sharepoint 2010?  I have never done this before, so please view me as a novice, although I have developed in Access for years.  I would assume I must first create a table of users names, IDs, and passwords.  Then what...?


pdf files in document library cause second login on secure sharepoint site


in somewhat of a twist to the previous kb 943280 I have clients accessing my wss 3.0 site over ssl.

they attempt to go into their document libraries and are able to receive the ms type documents and their associated icons show up.

however in attempt to get to the pdf documents they're asked to login again, and if they bypass the login they can access the pdf file fine, it just doesn't draw the pdf icon.

I do have the icon correctly installed, for me as site owner the icon displays fine and I do not get asked to login again.

What I have seen with the other users is that they're using Vista home and/or business with the 256bit encryption while I am using the 128 bit encryption.

This site was also previously on a hosted site, not requiring ssl, but no one had the second login issue which makes me think I am missing a server option that should be on my machine.

Thanks in Advance!

Secure login from a non-secure HTTP page.


I have a custom mini login user control that I have embedded in the top of my website which shows on every page. These pages are non-secure HTTP://.   I would like to avoid having to redirect the user to a HTTPS page to perform the login but I definitely don't want to send login credentials to the server in plain text.

I am trying find a method to send the user's login credentials encrypted via https from a non-secure (http) page.

I tried to set the postbackurl for the login button to itself but in https, but the user's input is not retained and the buttonLogin_click is not fired when I set the button postbackurl property. My ASP.net web application is VB.Net framework 4.0

I am assuming this can be done because I see lots of websites where login fields are on available on every page and they are running http and I can believe they are not encrypting the login credentials.

Any guidance is much appreciated.

I thought this would be simple... Trying to create a login does an ajax check before submit


I have the standard .net login control that is working.  (Still learning .net after 15yrs of classic)

What I want to do is OnButtonClick run a javascript function (to do an ajax call to the db to check if login is valid or not) and if it returns true, then submit the form normally, else don't submit. The piece that I can't figure out, is how to correctly override the default click even to hit my JS routine and then submit the form properly afterwards.

Thanks ahead of time

How to modify the login control



I'd like to record more information than the default control allows as well as perform actions with the input when the form is submitted but I'm having trouble figuring out how.

So firstly, if I want to record the middlename for example, how would I do that, and by default, where would it go if anywhere?
When the form is submitted, I'd like to take specific input, such as just the middlename for example, and write some linq to sql code to specify when and how it's stored.
In what event would I put this code?


create user wizard login error message dont show in a message box?




i am using create user wizard and capturing other information within content template when a new user

registers. Some of the textboxes are binded to required field validators.


there is a validation control on the page and ShowMessage box is True.

If they dont complete some of the text boxes then the message box pops Up with the error message.

It does not however include information errors like "User already exists" or Email address already exists

from the create user wizard membership  UserName and Password Textboxes


is it possilbe to hook all of these up so I get one message box with all errors including membership ones?




Using network login



Is anyone have sample code to set up log in page using network login?

For example: User Name(same as Network Login)

                     Password(Same as Network Login)

Your help is highly appreciated.



Hi All

VS2005, .Net 2.5

i have been building a website and testing it in google chrome, which has been working fine.

i am now testing it in IE and firefox and the asp:login doesnt work, it doesnt even post back when i click the 'login' button.

anyone and idea what might be going on? im not sure where to start, as i mentioned above the login works fine using google chrome.


Visual Web Developer 2010 Express "Copy Web Site" using different login


I created a site and am trying to grant another pesron access to upload changes to it without giving them my super-user login.

I made a login for her but I can't test whether it works or not because no matter how much I "disconnect" in the Copy Web Site page of VWD 2010, reconnecting to the same site always logs in as my superuser account without prompting me for a login again.

How do I test is the account it set up correctly before having her try to upload to it?    I want to force the login to remote site dialog to pop up again to test her account.

Any ideas?

Login Adpater


I am having problems getting the adpaters to work.  The Whitepaper references a vsi to install but the link to download does not contain the vsi - just source for the CSSFriendly kit.  The kit is missing the css/import.css file also.

Anyway, I fumbled around and was able to get the menu working but I cannot figure out how to specify the css class for the login control.  With the CSSFriendlyAdparters.browser file in my project, I lost all styles and most of the features of the login control.  The menu uses cssselectorclass but I tried that server tag on the <asp:login> and it did not work.  The original cssclass attribute does not seem to do anything either.

Can someone point to some documentation on how to use these tags and integrate with the CSSFriendly.dll adpaters.

Thank you,


Cutting Edge: Building A Secure AJAX Service Layer


This month Dino builds a service layer that authenticates users of Silverlight 2 and ASP.NET AJAX services to prevent illegal access to sensitive back-end services.

Dino Esposito

MSDN Magazine September 2008

Trustworthy Computing: Lessons Learned from Five Years of Building More Secure Software


Five years ago, Bill Gates issued a directive to enhance security across the board. Since then, many valuable lessons have been learned about building more secure software.

Michael Howard

MSDN Magazine November 2007

Identity: Secure Your ASP.NET Apps And WCF Services With Windows CardSpace


Windows CardSpace replaces traditional authentication with a more consistent and streamlined login process and improves trust between end-users, applications and services. Michèle Leroux Bustamante explains.

Michele Leroux Bustamante

MSDN Magazine April 2007

Desktop Security: Create Custom Login Experiences With Credential Providers For Windows Vista


Why is a change to the Windows logon plug-in interface so exciting? Because with credential providers you can customize the logon experience for your users.

Dan Griffin

MSDN Magazine January 2007

Secure Habits: 8 Simple Rules For Developing More Secure Code


Never trust data, model threats against your code, and other good advice from a security expert.

Michael Howard

MSDN Magazine November 2006

Secure By Design: Your Field Guide To Designing Security Into Networking Protocols


If you were to build a new communications protocol from scratch, how would you address security? Here the authors take a look at that question and generate some valuable insights into secure protocols.

Mark Novak and Andrew Roths

MSDN Magazine September 2006

ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend