Getting the Secret from the User

The most secure way of storing and protecting secrets is to get the secret from a user each time the secret is used. In other words, if you need a password from the user, get it from the user, use it, and discard it. However, using secret data in this way can often become infeasible for most users. The more items of information you make a user remember, the greater the likelihood that the user will employ the same password over and over, reducing the security and usability of the system. Because of this fact, let's turn our attention to the more complex issues of storing secret data without prompting the user for the secret.
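The "get it, use it, discard it" pattern described above, as an added C example that is not from the book. It assumes a POSIX system (`read` on a file descriptor); `with_secret`, `secret_user` and `demo_use` are hypothetical names, and the sample input in any test run is constructed.

```c
#include <stddef.h>
#include <string.h>
#include <unistd.h>

/* Zero a buffer through a volatile pointer so the compiler cannot drop
 * the stores as dead writes (a plain memset just before return can be). */
static void scrub(void *p, size_t n)
{
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--) *v++ = 0;
}

/* Hypothetical callback type: the single place the secret is used. */
typedef int (*secret_user)(const char *secret, size_t len, void *ctx);

/* Read one line from fd into the caller's buffer, hand it to use(), then
 * scrub the buffer on every exit path. Returns use()'s result, or -1 on
 * read error, empty input, or a line that does not fit in the buffer. */
int with_secret(int fd, char *buf, size_t cap, secret_user use, void *ctx)
{
    size_t len = 0;
    int rc = -1, done = 0;
    char c;

    while (!done && len + 1 < cap) {
        ssize_t n = read(fd, &c, 1);  /* unbuffered: no stdio copy remains */
        if (n < 0) goto out;
        if (n == 0 || c == '\n') done = 1;
        else buf[len++] = c;
    }
    if (!done || len == 0) goto out;  /* too long or empty: refuse it */
    buf[len] = '\0';
    rc = use(buf, len, ctx);
out:
    scrub(buf, cap);                  /* discard, success or failure */
    scrub(&c, 1);
    return rc;
}

/* Constructed stand-in for the real use (key derivation, authentication):
 * reports whether the secret equals the value in ctx. Not constant-time. */
int demo_use(const char *secret, size_t len, void *ctx)
{
    const char *want = ctx;
    return strlen(want) == len && memcmp(secret, want, len) == 0;
}
```

The caller owns the buffer, so it can confirm the buffer is zeroed once `with_secret` returns; the callback must not keep its own copy of the secret.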



Writing Secure Code, Second Edition
ISBN: 0735617228
EAN: 2147483647
Year: 2005
Pages: 153
