Skip to content

{ Tag Archives } asp.net

An Excuse Not to Roll Your Own Authentication Scheme

The Rails 3.1 Release Candidate announcement contained news of many new and useful features, plus these regretful words:
has_secure_password: Dead-simple BCrypt-based passwords. Now there’s no excuse not to roll your own authentication scheme.
I will briefly provide an excuse.
"Simple BCrypt-based passwords" is a reasonable feature, but shouldn’t be mistaken for end-to-end authentication, or even a substantial subset [...]

Also tagged , , ,
2011 05 26 .NET
Ruby
Web Comments (5)

Don’t Depend Upon the ASP.NET Membership Tables

One very popular option for implementing user security in ASP.NET is to use Forms Authentication with the SQL Server membership provider. This provider creates several database tables to store user-related information, as well as a number stored procedures.
From time to time, a developer will attempt to add the ASP.NET Membership/Forms Authentication tables to their Entity [...]

Also tagged , , ,
2010 03 05 .NET
Databases
Web Comments (3)

Bad Behavior has blocked 713 access attempts in the last 7 days.

Close