Conventional website authentication model, its weaknesses and alternatives
Posted by davitb on 27th September 2009
This article discusses the problems with the authentication schemes that websites and browsers use when a user logs in to a website.
The following topics will be covered:
- Conventional user and website authentication model
- Weak points of password-based authentication
- Weak points of website authentication
- Alternative ways for user authentication in websites
Note that by the term “conventional” we mean the most widely used authentication scheme: username/password.
Tags: authentication, HTTPS, man-in-the-middle, passwords, pharming, phishing, SSL

