Password security + MVC by Srinivas Alwala

Hi Ravi Vemula,

I have a doubt in the password security + MVC application topic.
If we look at the code the password is passing as plain text over the channel. If we want to implement a internet website using MVC, i think this approach of implementation is not satisfactory as hackers can use a tool which block the site prior gets posted completely when userid/password entered and steal the credentials and release to get posted.
Kindly let me know how can we say this approach is secure one.

*For Security purpose, I am removing all the contact details mentioned by User in this post*

You may also like...

  • RamiVemula

    Hello Srinivas,

    Its a very good question you asked me, but sorry for a late reply.

    Communication channel security can be handled by SSL and TSL Protocols. That means you got to configure Web Server to handle Public and Private Key Encryption and Sign Verification can prevent a hacker to tamper any data in the communication channel.

    Read more about Web communication Channel Security here – http://technet.microsoft.com/en-us/library/cc962039.aspx

    Thanks,
    Rami