This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
Hello friends! I require to implement a small amount of security for my website.Like the administrator password have to be secure.I do not know how to go about it. Please advice me on 1.Using encryption techniques for this password,(OR) 2.How to start using https(Im totally ignorant about https) Pls tell me any reference for using https along with JSP,tomcat and does it involve quite amount of work? Thanks in advance!
The first step in securing any password scheme, as you have guessed, is to institute an https protocol setup. That's beyond the scope of this forum -- since it is primarily a setup issue -- so I'm going to be moving this to the Tomcat forum. How you secure the password on the server end depends a great deal on what you are doing and how. Is it ok to store the password in a clear text file? Does it need to be stored in a database? How secure from people with server access does it need to be?