The Definitive Guide To Website Authentication (beta)

Posted by Michiel de Mare on Stack Overflow See other posts from Stack Overflow or by Michiel de Mare
Published on 2008-08-02T19:51:50Z Indexed on 2010/06/15 14:12 UTC
Read the original article Hit count: 271

Filed under:

web-development

|

language-agnostic

|

http

|

authentication

|

Article

Form Based Authentication For Websites

Please help us create the definitive resource for this topic. We believe that stackoverflow should not just be a resource for very specific technical questions, but also for general guidelines on how to solve variations on common problems. "Form Based Authentication For Websites" should be a fine topic for such an experiment.

It should include topics such as:

how to log in
how to remain logged in
how to store passwords
using secret questions
forgotten password functionality
OpenID
"Remember me" checkbox
Browser autocompletion of usernames and passwords
secret urls (public urls protected by digest)
checking password strength
email validation
and much more

It should not include things like:

roles and authorization
http basic authentication

Please help us by

Suggesting subtopics
Submitting good articles about this subject
Editing the official answer (as soon as you have enough karma)

UPDATE: See the terrific 7-part series by Jens Roland below.

© Stack Overflow or respective owner

Related posts about web-development

Web Development - How to Get Started in Web Development

as seen on Ezine Articles - Search for 'Ezine Articles'
11 years ago I purchased a book about basic HTML development. A purchase that would end up defining my entire professional career. I bought it because I wanted to create a web page for a school project. This was in the days of Geo city sites and it looked absolutely horrible. >>> More
PHP Web Development, Web Development Using PHP As an Open Source

as seen on Ezine Articles - Search for 'Ezine Articles'
PHP is a widely-used general-purpose scripting language that is especially suited for web development and can be embedded into HTML. PHP is the most famous language nowadays as it is an open source and web development requires no costs in implementation. >>> More
How to get full query string parameters not UrlDecoded

as seen on Developer IT - Search for 'Developer IT'
Introduction While developing Developer IT’s website, we came across a problem when the user search keywords containing special character like the plus ‘+’ char. We found it while looking for C++ in our search engine. The request parameter output in ASP.NET was “c “.… >>> More
Tracking download of non-html (like pdf) downloads with jQuery and Google Analytics

as seen on Developer IT - Search for 'Developer IT'
Hi folks, it’s been quite calm at Developer IT’s this summer since we were all involved in other projects, but we are slowly comming back. In this post, we will present a simple way of tracking files download with Google Analytics with the help of jQuery. We work for a client that offers… >>> More
What is the best .NET web development framework?

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm looking for a framework to simplify the creation of a website with social networking features and plenty of custom functionality. I'm quite keen to use an ORM like nHibernate or similar for data access. Would DotNetNuke be a good choice? Or are there other options which are better. Added: I'm… >>> More

Related posts about language-agnostic

Are there any language agnostic unit testing frameworks?

as seen on Programmers - Search for 'Programmers'
I have always been skeptical of rewriting working code - porting code is no exception to this. However, with the advent of TDD and automated testing it is much more reasonable to rewrite and refactor code. Does anyone know if there is a TDD tool that can be used for porting old code? Ideally you… >>> More
Language Agnostic Basic Programming Question

as seen on Stack Overflow - Search for 'Stack Overflow'
This is very basic question from programming point of view but as I am in learning phase, I thought I would better ask this question rather than having a misunderstanding or narrow knowledge about the topic. So do excuse me if somehow I mess it up. Question: Let's say I have class A,B,C and D… >>> More
Language-agnostic term for typed things that need memory

as seen on Stack Overflow - Search for 'Stack Overflow'
Is there an accepted general term that subsumes the concepts of variables, class instances and arrays? Basically "any typed thing that needs memory". In C++, such a thing is called an object, but I'm looking for a more language-agnostic term. § 1.8 The C++ object model 1 The constructs in… >>> More
Deprecated Methods in Code Base

as seen on Programmers - Search for 'Programmers'
A lot of the code I've been working on recently, both professionally (read: at work) and in other spheres (read: at home, for friends/family/etc, or NOT FOR WORK), has been worked on, redesigned and re-implemented several times - where possible/required. This has been in an effort to make things smaller… >>> More
Coding Competition, language agnostic guidelines?

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi there: I might be doing a coding competition soon, I was wondering if anyone made one and what where the guidelines/ process. I'd like to make the competition appealing to all devs, and I m trying to come up with ideas as to how. the scenario is: There is an event running and we(of the coding… >>> More