Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

login forms "standard" way of doing things

Posted on 2011-10-23
4
Medium Priority
?
286 Views
Last Modified: 2012-05-12
Hi,

I'm looking for the most secure way of protecting a "login" section of a website.

Basically I use forms authentication but it doesn't seem to be secure enough.

In IE9 etc people seem to be able to get back in after logging out.

Whats the safest way to protect these areas?

Thanks
0
Comment
Question by:scm0sml
4 Comments
 
LVL 29

Accepted Solution

by:
Kumaraswamy R earned 2000 total points
ID: 37015998
HI

Implement Forms Authentication with Login page is the Best soln

Bellow url give some sample
http://msdn.microsoft.com/en-us/library/xdt4thhy.aspx
0
 
LVL 29

Expert Comment

by:sammySeltzer
ID: 37017896
I think you can fix this by adding these entries on your logout.aspx code behind in pageLoad event:

If Session.Count > 0 Then 'Clear sessions
    Session["username"] =""
     Session.RemoveAll()
  End If

You don't have to use the IF statement if you don't want to.
0
 
LVL 10

Expert Comment

by:GlobaLevel
ID: 37018568
In addition to the above,  I have added a linkbutton in the bottom of the page where you would also see "Terms of Use", "Privacy Policy","Logout"...then on button link event in code behind wipe out all the session

Public sub linkbutton1_OnClick(object as sender, eventargs as E) handles linkbutton1.click
Session("Username") = ""
Session("Password" = ""
Session("ShoppingCart") = ""

end sub


now the user cant get back in bc all session is hardcoded to nothing with no data retained.
0
 

Author Comment

by:scm0sml
ID: 37023767
OK thanks will give this a whirl and get back to you.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes in DotNetNuke module development you want to swap controls within the same module definition.  In doing this DNN (somewhat annoyingly) swaps the Skin and Container definitions to the default admin selections.  To get around this you need t…
IntroductionWhile developing web applications, a single page might contain many regions and each region might contain many number of controls with the capability to perform  postback. Many times you might need to perform some action on an ASP.NET po…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

804 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question