Web Authenthication?

HI there,
I am working as a Web tester and particularly interested in different mechanism of authenthication that can be used in the web environment e.g NTLM, Session cookies auth, etc. Especially I am looking for a paper that can describe the good and the bad of each of authenthication + any vulnerability or weakness of the authenthication.

Perhaps, if you could point me to a right paper / direction that would be great!
kecoakAsked:
Who is Participating?
 
Ted BouskillSenior Software DeveloperCommented:
This link has a chart of the pros and cons for the different mechanisms
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/523ae943-5e6a-4200-9103-9808baa00157.mspx?mfr=true

This site is full of great information
http://www.iis.net/default.aspx?tabid=1

Generally the weakness for any website is packet sniffing and potentially cookie hijacking (especially with WiFi)  You can search the web for more about those techniques.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.