Ria service security
I have a silverlight app that connects to a entity framework over WCF ria service.
Connecting with OAuth, dealing with logout and browser sessions
I work on a open-source web application (Moodle) which connects to a number of external services such as Google Drive, Dropbox etc. to allow users to exchange files with these services.
I need advice developing a sensitive data transfer/storage/encryption system
I got closed on SO and told to post this here as it’s about general application design as opposed to specific code.
Why do web sites require certain characters in their credentials? [closed]
Closed 11 years ago.
You’re hired to fix a small bug for a security-intensive site. Looking at the code, it’s filled with security holes. What do you do? [closed]
Want to improve this post? Provide detailed answers to this question, including citations and an explanation of why your answer is correct. Answers without enough detail may be edited or deleted. Closed. This question needs to be more focused. It is not currently accepting answers. Closed 9 years ago. Locked. This question and its answers […]
How can robots beat CAPTCHAs?
I have a website e-mail form. I use a custom CAPTCHA to prevent spam from robots. Despite this, I still get spam.
Using a public username as a login username
It has just dawned on me, that a system I am developing exposes a users username in the URI. This is a problem, since some of the users pages are public. Therefore people will know their username.
Using a public username as a login username
It has just dawned on me, that a system I am developing exposes a users username in the URI. This is a problem, since some of the users pages are public. Therefore people will know their username.
Is a predefined key enough security when performing HTTP requests between two secure servers?
I have an AdWords script that regularly transfers sensitive data to my server using a POST HTTP request. For security I have a predefined 32 character randomized string that is verified by my server before it accepts the data. Is this secure?
How to prevent my executable being treated from AV like bad or virus?
I’m creating a piece of software, that will run on windows and will act like launcher for the game, to serve as an auto-updater and file verifier in client side PC.