Home > Ask the Security Experts > Questions & Answers > Creating a secure login page
Ask The Security Expert: Questions & Answers
EMAIL THIS

Creating a secure login page

Paul Holm EXPERT RESPONSE FROM: Paul Holm

Pose a Question
Other Security Categories
Meet all Security Experts
Become an Expert for this site


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


>
QUESTION POSED ON: 28 April 2006
What security precautions should we take when creating a login page?

>
When creating a login page, consider the following security measures.

If the content is highly confidential, use SSL. It will encrypt the user ID or password so any hackers intercepting Internet traffic will not be able to read the data passing through the Internet.

Depending on how you are authenticating, make sure you are not vulnerable to SQL Injection attacks. For more information about preventing SQL injection vulnerabilities, check out http://www.unixwiz.net/techtips/sql-injection.html. SearchAppSecurity.com also has a few tips on SQL injection in this feature, Don't become a victim of SQL injection.


BROWSE BY TAG
Web Authentication and Access Control,   Enterprise Identity and Access Management,   VIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED CONTENT
Web Authentication and Access Control
Group to shed light on secure identity management threats
How to confirm the receipt of an email with security protocols
Schneier-Ranum Face-Off: Is Perfect Access Control Possible?
Kaminsky reveals key flaws in X.509 SSL certificates at Black Hat
Changing times for identity management
How to use single sign-on for Web access control to prevent malware
IBM USB banking device stops keyloggers, malware
Can mutual authentication beat phishing or man-in-the-middle attacks?
Could someone place a rootkit on an internal network through a router?
Sun launches open source OpenSSO for identity management

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
access log  (SearchSecurity.com)
anonymous Web surfing  (SearchSecurity.com)
authentication, authorization, and accounting  (SearchSecurity.com)
identity chaos  (SearchSecurity.com)
knowledge-based authentication  (SearchSecurity.com)
multifactor authentication (MFA)  (SearchSecurity.com)
walled garden  (SearchSecurity.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary



Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
Browse our Expert Advice



Find Security Solutions for Your Business
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts