Solved

Web Api 2 Basic Authentication & HTTPS?

Posted on 2014-04-26
2
398 Views
Last Modified: 2014-05-01
Q. Is using Basic Authentication and SSL cert really enough security?

Every security methodology I read highly recommend using SSL certs (HTTPS).

Q. This makes me curious why not keep authentication basic?

Q. Why mess with tokens, keys, etc...?
0
Comment
Question by:WorknHardr
2 Comments
 
LVL 79

Accepted Solution

by:
David Johnson, CD, MVP earned 400 total points
ID: 40025323
With basic authentication you know me (the server and I've verified with my certificate who I am) but I don't know who you are except that a username and password matched.  Other methods allow me (the server) to verify that you really are you and not a shoulder surfer.
0
 

Author Comment

by:WorknHardr
ID: 40025522
Agreed. Upon further reading I've learned that many web services are app-specific and basic login is adequate. Whereas a social website would use OpenID for a more user friendly experience.
0

Featured Post

Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Split in Javascript 5 40
Webform example, External Authentication Services, OAUTH, asp.net 4.6.2 1 34
Delete HTML table rows 12 30
Modal Popup Extender control 1 22
In this Article, I will provide a few tips in problem and solution manner. Opening an ASPX page in Visual studio 2003 is very slow. To make it fast, please do follow below steps:   Open the Solution/Project. Right click the ASPX file to b…
International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question