Solved

security??

Posted on 1998-03-19
6
173 Views
Last Modified: 2013-12-25
I am building an intranet site that requires a userID and password for the users to get past the first page. At the moment the passwords are passed from a form as part of the URL. The trouble with this method is that the url gets cached in the temporary internet files directory on the client, so anybody can go up to someone elses pc and retrieve their id and password from the cache. Is there a way to turn off the cacheing on the clients machine, or a better (more secure) way to send passwords?? (the server is NT 4.0 running IIS3.0, the clients are w3.1,w95 and nt)
tia.
0
Comment
Question by:acsmith
  • 2
  • 2
  • 2
6 Comments
 
LVL 3

Expert Comment

by:slok
Comment Utility
Under IE3 and Netscape you can set the caching to 0

For IE3, Options->Advance->Settings
For Netscape4, Preference->Advance->Cache

Set them to 0.
0
 
LVL 1

Author Comment

by:acsmith
Comment Utility
Yeah, but I need to turn the caching off on the clients machine from the server (or find another way of sending passwords). I won't be able to get physically near the clients machines to set their browsers up for them.
0
 
LVL 3

Expert Comment

by:slok
Comment Utility
how about using an applet to get the passowrd.
That way, the entry won't be cached.

If you accept this, I will submit this as answer.
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 3

Accepted Solution

by:
bigelos earned 50 total points
Comment Utility
To turn the caching off in all browsers, you just set the expiration date.  Here's how:

To help the browser to decide how long a cached copy of your pages should be used before retrieving a newer copy, you could use the following HTML tags:

    <META HTTP-EQUIV="Expires" CONTENT="Tue, 01 Jan 1980 1:00:00 GMT">

Above META tag should be placed in between your <HEAD> and </HEAD> tags. Also note that the date specified should be a date in the past so that the browser will immediately discard the cached copy or not cache at all.
0
 
LVL 3

Expert Comment

by:bigelos
Comment Utility
slok,

Win3.1 won't do Java applets....
0
 
LVL 1

Author Comment

by:acsmith
Comment Utility
cheers bigelos,
works a treat.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Uploading files to the web server has become common part of almost any kind of web application. People use different technologies to solve this, but regardless of the technology used, it is always useful to have some kind of progress indicator shown…
"In order to have an organized way for empathy mapping, we rely on a psychological model and trying to model it in a simple way, so we will split the board to three section for each persona and a scenario and try to see what those personas would Do,…
This tutorial walks through the best practices in adding a local business to Google Maps including how to properly search for duplicates, marker placement, and inputing business details. Login to your Google Account, then search for "Google Mapmaker…
This video teaches users how to migrate an existing Wordpress website to a new domain.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now