Q

Creating a secure login page

How can you ensure your login page won't be vulnerable to SQL injection and other attacks? Application security expert Paul Holm explains how you can use SSL and encryption to fend off hackers.

What security precautions should we take when creating a login page?
When creating a login page, consider the following security measures.

If the content is highly confidential, use SSL. It will encrypt the user ID or password so any hackers intercepting Internet traffic will not be able to read the data passing through the Internet.

Depending on how you are authenticating, make sure you are not vulnerable to SQL Injection attacks. For more information about preventing SQL injection vulnerabilities, check out http://www.unixwiz.net/techtips/sql-injection.html. SearchAppSecurity.com also has a few tips on SQL injection in this feature, Don't become a victim of SQL injection.
This was first published in May 2006

Dig deeper on Software Quality Resources

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchSOA

TheServerSide

SearchCloudApplications

SearchAWS

SearchBusinessAnalytics

SearchFinancialApplications

SearchHealthIT

Close