ASP.NET Security

[Guest]

I am interested in starting to get some security on my webpages. I was thinking that I should just hash? passwords and store them in an SQL table. Then on pages where I would like security, write a function that checks for a session varible to make sure that the user is authenticated. Does this present to many wholes? The information I will be protecting, are not all that important right now, but I hope to post more private information at a later date. Basicly, will this work and will it be safe enough, and if so, how is it that the hash code is generated. Like what is the VB code for that? Thanks

Devin

 

[Eliyahu Goldin]

Devin,

ASP.NET security is a big topic. There is a very good Microsoft resource on
this:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/secnetlpMSDN.asp

To hash passwords use method
System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile
()

Eliyahu

I am interested in starting to get some security on my webpages. I was

thinking that I should just hash? passwords and store them in an SQL table.
Then on pages where I would like security, write a function that checks for
a session varible to make sure that the user is authenticated. Does this
present to many wholes? The information I will be protecting, are not all
that important right now, but I hope to post more private information at a
later date. Basicly, will this work and will it be safe enough, and if so,
how is it that the hash code is generated. Like what is the VB code for
that? Thanks