Tips for Web security

Chong-ho (Alex) Yu, Ph.D., MCSE, CNE, CCNA

Question:

I can assign permissions to users via the Web interface by going to http://URL/security/ What are the potential pitfalls of using Web-based security?

Answer:

Although you must login as Admin to access the Web security. There are two potential risks:

  • The database password is shown in the input box as clear text.
  • You can accidentially press the Delete Database button when you are trying to update the password. When the button is pressed, don't panic. It deletes just the security information of the database, not the actual database. It will still be a big problem because all login information of that database is gone, and from now on no user can access that database. Although you can re-create the security information, needless to say it is painful.

Therefore, I recommend that you take out the input box and those buttons in the file named database_detail.htm under the security folder.

 


Navigation

FMP Tips Contents

Other computer tips

Search Engine

Credit/Copyright ©

Simplified Navigation

Table of Contents

Contact Me