Quote:
Originally Posted by oceangaia
Seems silly sometimes, especially for websites that do not hold critical data. I'm pretty sure an international crime ring is not going to pull out all the stops to hack my CD account to make posts and make me look rational.
|
That is true, and has been brought up before.
Generally in conjunction with why forums, like this one,
don't run SSL or TLS security, even while setting
or changing passwords.
There are, however, a few people who have some reputation
at stake. My reputation in the fields of mathematics, cryptography,
and a few other esoteric fields is worth quite a bit - to me.
Quote:
But as an ASP.Net developer, I'll let you in on the secret reason. Almost nobody develops their own authentication code. We just use the framework code provided by Microsoft and usually go with the default configuration.
|
I had a feeling most of them were working with some
sort of standard code, since most of them look too much
alike. Seems like someone would put forth an improved
version, since there is so much room for improvement.
(I could make suggestions as to what features to improve)