Broken Thoughts

Techknowledge

.Net Dojo: Forgot Your Password Workflow

As an experienced web developer, I have seen all kinds of crazy login workflows. The security question workflow, however, is the absolute dumbest workflow ever. Not only are most questions geared at public domain information, but how many people are actually going to remember what they typed in for their answer? Also, depending on how good (or bad) the programmers are, if the answer is case senstive, or miss-spelled, you are hosed. I can’t stand sites who use this workflow when there are much better, and more secure ways to allow users to regain control of their account. To learn more about why this type of authentication is bad, read Wish it was Two-Factor by Alex Papadimoulis. He discusses how the secret question does not fullfill two factor authentication by any means.
Read more »

January 29, 2008 Posted by Broken Bokken | .Net | , , , , , , , , , , , , | No Comments

.Net Dojo: Cookies with ASP.NET 2.0

Recently I was testing the cookie class for my library of utilities called Olympus. This library consist of commonly used things like cookies, a database provider, memory caching, error reporting, and other tools. I stumbled across a big change in the way cookies are handled in .NET 1.1 and .NET 2.0. Here’s how I made cookies work.

Read more »

November 5, 2007 Posted by Broken Bokken | .Net | , , , , , , , , , , , , , | No Comments

.Net Dojo: Windows Cardspace

Several months ago I was looking at the new .NET 3.0 features and decided to play around with them. Windows Presentation Foundation (WPF) and Windows Communication Foundation (WCF) are fairly straight-forward. I really wanted to check out Cardspace, or Infocard.

Read more »

November 1, 2007 Posted by Broken Bokken | .Net | , , , , , , , , , , , , , , , , , | No Comments