Jeff Atwood shows us why we should consider better password policies when developing applications or setting company policy. As we know, the biggest threat to…
Category: Security
We had code in an ASP.NET page trying to call the Commerce Server Profiles web service that resides on the same physical box. The credentials…
I blogged previously about some issues with SelfSSL and multiple web sites. A colleague of mine, Charles Medcoff, blogs about a related problem with SelfSSL…
This post in the ASP.Net forums has been the best method for me to make a single-sign on work across different sites in the same…
Learn how to leverage Active Directory in your .Net apps: The .NET Developer’s Guide to Identity
I am working on an ASP.Net app that usesWindows authentication for users. I have a certain section of the app, the “Administration” set of pages…
SelfSSL is a tool found in the IIS 6.0 Resource Kit. It allows you to generate SSL certificates for a development environment. In all the…
d.code asks about securing connection strings. If you are willing to deal with a little unmanaged code, you can use the machine key or a…
I needed to create a publisher for exceptions to a text file (XML would be better but the requirement was for text…). I based my…
Last week I got to attend the Microsoft Security Summit in Detroit. The event lasted an entire business day, and was broken down into a…