Solved

security??

Posted on 1998-03-19
6
181 Views
Last Modified: 2013-12-25
I am building an intranet site that requires a userID and password for the users to get past the first page. At the moment the passwords are passed from a form as part of the URL. The trouble with this method is that the url gets cached in the temporary internet files directory on the client, so anybody can go up to someone elses pc and retrieve their id and password from the cache. Is there a way to turn off the cacheing on the clients machine, or a better (more secure) way to send passwords?? (the server is NT 4.0 running IIS3.0, the clients are w3.1,w95 and nt)
tia.
0
Comment
Question by:acsmith
  • 2
  • 2
  • 2
6 Comments
 
LVL 3

Expert Comment

by:slok
ID: 1858038
Under IE3 and Netscape you can set the caching to 0

For IE3, Options->Advance->Settings
For Netscape4, Preference->Advance->Cache

Set them to 0.
0
 
LVL 1

Author Comment

by:acsmith
ID: 1858039
Yeah, but I need to turn the caching off on the clients machine from the server (or find another way of sending passwords). I won't be able to get physically near the clients machines to set their browsers up for them.
0
 
LVL 3

Expert Comment

by:slok
ID: 1858040
how about using an applet to get the passowrd.
That way, the entry won't be cached.

If you accept this, I will submit this as answer.
0
How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

 
LVL 3

Accepted Solution

by:
bigelos earned 50 total points
ID: 1858041
To turn the caching off in all browsers, you just set the expiration date.  Here's how:

To help the browser to decide how long a cached copy of your pages should be used before retrieving a newer copy, you could use the following HTML tags:

    <META HTTP-EQUIV="Expires" CONTENT="Tue, 01 Jan 1980 1:00:00 GMT">

Above META tag should be placed in between your <HEAD> and </HEAD> tags. Also note that the date specified should be a date in the past so that the browser will immediately discard the cached copy or not cache at all.
0
 
LVL 3

Expert Comment

by:bigelos
ID: 1858042
slok,

Win3.1 won't do Java applets....
0
 
LVL 1

Author Comment

by:acsmith
ID: 1858043
cheers bigelos,
works a treat.
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

"In order to have an organized way for empathy mapping, we rely on a psychological model and trying to model it in a simple way, so we will split the board to three section for each persona and a scenario and try to see what those personas would Do,…
Although it can be difficult to imagine, someday your child will have a career of his or her own. He or she will likely start a family, buy a home and start having their own children. So, while being a kid is still extremely important, it’s also …
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question