Solved

Web Api 2 Basic Authentication & HTTPS?

Posted on 2014-04-26
2
395 Views
Last Modified: 2014-05-01
Q. Is using Basic Authentication and SSL cert really enough security?

Every security methodology I read highly recommend using SSL certs (HTTPS).

Q. This makes me curious why not keep authentication basic?

Q. Why mess with tokens, keys, etc...?
0
Comment
Question by:WorknHardr
2 Comments
 
LVL 79

Accepted Solution

by:
David Johnson, CD, MVP earned 400 total points
ID: 40025323
With basic authentication you know me (the server and I've verified with my certificate who I am) but I don't know who you are except that a username and password matched.  Other methods allow me (the server) to verify that you really are you and not a shoulder surfer.
0
 

Author Comment

by:WorknHardr
ID: 40025522
Agreed. Upon further reading I've learned that many web services are app-specific and basic login is adequate. Whereas a social website would use OpenID for a more user friendly experience.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I recently went through the process of creating a Calendar Control of events with the basis of using a database to keep track of the dates that are selectable, one requirement was to have the selected date pop-up in a simple lightbox.  At first this…
IntroductionWhile developing web applications, a single page might contain many regions and each region might contain many number of controls with the capability to perform  postback. Many times you might need to perform some action on an ASP.NET po…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

27 Experts available now in Live!

Get 1:1 Help Now