I would like to add a second layer of security for our admin website. This is for internal staff only but needs to be public on the internet so we can access it from anywhere. I currently have a website form asking for username and password, I was interested in an extra layer...
I used to use Basic Authentication for the extra network login - but since it's clear text, i am afraid someone will get the username and password and be able to login to my server directly!
I cannot lock down to a specific IP address as employees can connect from the road or home.
Does IIS 8 offer anything better than Basic Authentication now? Or what can I do? I think I saw Windows Authentication - is that better?
Using = Windows 2012, IIS 8, Coldfusion 11