password-protecting web pages/directories

Status
Not open for further replies.
H

heavenly

Member
Which is considered more secure and why?

Combination of server side scripts (php, asp, et al) and database (MySql, Oracle, et al)

Or


IIS built-in authentication.
 
Authentification in your script is always a risk since there could be a way to "kill" it by exploiting a bug in the language or in your own code.
The less layers between the server and the authentification, the better. But then of course you lose a lost of flexibility.
 
How do you customized failed IIS authentication? I don't like a user receiving the cryptic 404 page if he or she clicks cancel.

And how does the IIS authentication work?
 
I don't know, and don't really want to know anything about IIS. I guess there is something in the control panel that will allow you to customize the error 403 page.
 
You can set up IIS to authenticate various ways. We use active directory so they need a domain name \ username and the correct password. If you cancel you get a "you are not authorized to view this page" error. I think you can replace that page with a custom page within IIS.
 
Status
Not open for further replies.

Similar threads

Japan still using visit Japan Web
27
1K
Durien replied
What is the best web browser for android?
39
610
DavidGzz replied
McDonald's AI hiring chatbot exposed data of 64 million applicants with "123456" password
21
201
Mistake replied
Sony CEO Insists ‘Madame Web’, "Kraven" Aren’t “Terrible” and Says the “Press Just Crucified It”
News 
39
2K
nush replied
What’s a good password maintenance app?
31
2K
RoboFu replied
Top Bottom