Posted: Wed Aug 21, 2002 8:18 am
Hmm I wouldn't really call this "high security." Most of what I mention probably falls under the category of "best-practices" or at least as far as I understand them.
Sites I've designed/co-authored:
- a simple caption contest for photos (users upload photo, other users provide possible captions for the photos, users vote for their favorite n photos)
- a library system (track cd/video/books checkout/queues, allow user submission of new items, but kept separate from official library items, allow user rating and commenting of items at the cd or track level)
- on-line registration site for ballroom dance competitions
I've also worked on a sourceforge.net offsite install that required additional security code added to it. This site of course uses most of what I've mentioned but also involves specially crafted firewalls, IP/DNS filtering, LDAP, etc. We're hoping to move it to a proper PKI system in the near future with both client/server certs.
So most of my sites are not high visibility/likely targets for hackers, but why make things easy for them? I guess it's also a bit of "How would I want my account on a remote server protected?" If I expect a certain level of security/privacy from a service, I should make sure my services offer the same amount.
If you only use logins for basically forum post author tracking, then you're probably fine doing the basic level of security. If your website offers some larger service, even just as large as allowing people to edit their old posts for instance, a higher level is probably warranted to minimize the chance of a compromise and to limit the effects of a compromise.
The example I gave is only about a line or two more than the regular basic MD5 login system and protects your users much better. If you code it into your own personal library you don't have to worry about it again, so where's the harm in being paranoid? (All security people should be paranoid.) A good site should protect both itself from malicious users and its regular users/community from the bad guys. Most people focus only on the first half.
Another part of the answer is ever since I took a class from Ron Rivest (the R of RSA), I've always wanted to find that one more way of making something more secure. Sure, sometimes I decide it's not worth the effort, but it's a fun mind game and some of the most intellectually stimulating work I've done.