Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Web Api 2 Basic Authentication & HTTPS?

Posted on 2014-04-26
2
Medium Priority
?
409 Views
Last Modified: 2014-05-01
Q. Is using Basic Authentication and SSL cert really enough security?

Every security methodology I read highly recommend using SSL certs (HTTPS).

Q. This makes me curious why not keep authentication basic?

Q. Why mess with tokens, keys, etc...?
0
Comment
Question by:WorknHardr
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 83

Accepted Solution

by:
David Johnson, CD, MVP earned 1600 total points
ID: 40025323
With basic authentication you know me (the server and I've verified with my certificate who I am) but I don't know who you are except that a username and password matched.  Other methods allow me (the server) to verify that you really are you and not a shoulder surfer.
0
 

Author Comment

by:WorknHardr
ID: 40025522
Agreed. Upon further reading I've learned that many web services are app-specific and basic login is adequate. Whereas a social website would use OpenID for a more user friendly experience.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lots of people ask this question on how to extend the “MembershipProvider” to make use of custom authentication like using existing database or make use of some other way of authentication. Many blogs show you how to extend the membership provider c…
User art_snob (http://www.experts-exchange.com/M_6114203.html) encountered strange behavior of Android Web browser on his Mobile Web site. It took a while to find the true cause. It happens so, that the Android Web browser (at least up to OS ver. 2.…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question