Two Simple Security Steps for your Web Site
Written by Alan Grissett
Continued from page 1
Second, and perhaps the single most important security precaution, is to use strong passwords. A good general rule for creating a password is that it should be easy for you to remember but hard for anyone else to guess. It should also be long, and it should mix alphabetical and numerical characters and, where the system allows, special characters such as %, ! or (. A strong password does not make an account unbreakable, but it defeats the guessing and dictionary attacks that are the easiest route for an attacker into your mission-critical Web, e-mail and database files.
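As an added example (not code from the original article or its author), here is a small Python policy checker and generator that applies the rule above: minimum length, a mix of character classes, a rough entropy estimate, and a check that the password is not just a common word dressed up with a digit and a punctuation mark. The six-entry common-password list, the accepted special characters and the thresholds are assumptions chosen for the demo; a real deployment would check against a large list of breached passwords.

```python
import math
import secrets
import string

# Constructed sample of common passwords for the demo; a real check would use a
# large breached-password list (assumption: these six entries are illustrative only).
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "admin", "welcome"}

# Special characters assumed to be accepted by the system being protected.
SPECIALS = "%!()#@$&*"


def char_classes(password):
    """Return the set of character classes (lower, upper, digit, special) present."""
    classes = set()
    for ch in password:
        if ch.islower():
            classes.add("lower")
        elif ch.isupper():
            classes.add("upper")
        elif ch.isdigit():
            classes.add("digit")
        else:
            classes.add("special")
    return classes


def estimate_entropy_bits(password):
    """Rough upper bound on guessing work: length * log2(alphabet size).

    This overestimates for dictionary words, which is why check_password also
    consults the common-password list rather than trusting this number alone."""
    sizes = {"lower": 26, "upper": 26, "digit": 10, "special": len(string.punctuation)}
    alphabet = sum(sizes[c] for c in char_classes(password))
    return len(password) * math.log2(alphabet) if alphabet else 0.0


def check_password(password, min_length=12, min_classes=3, min_bits=60):
    """Return a list of policy violations; an empty list means the password passes."""
    problems = []
    if len(password) < min_length:
        problems.append(f"shorter than {min_length} characters")
    if len(char_classes(password)) < min_classes:
        problems.append(f"uses fewer than {min_classes} character classes")
    if estimate_entropy_bits(password) < min_bits:
        problems.append(f"estimated entropy below {min_bits} bits")
    # Strip leading/trailing digits and punctuation so that "Password1!" is still
    # recognised as the dictionary word it is built from.
    core = password.lower().strip(string.digits + string.punctuation)
    if password.lower() in COMMON_PASSWORDS or core in COMMON_PASSWORDS:
        problems.append("based on a common password")
    return problems


def generate_password(length=16):
    """Generate a random password with the secrets module (a CSPRNG) that passes the policy."""
    alphabet = string.ascii_letters + string.digits + SPECIALS
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not check_password(candidate):
            return candidate


if __name__ == "__main__":
    for pw in ("Password1!", "123456", "Tr0ub4dor&3xampleXY", generate_password()):
        print(f"{pw!r}: {check_password(pw) or 'OK'} ({estimate_entropy_bits(pw):.1f} bits)")
```

The entropy figure is only a ceiling: "Password1!" scores over 60 bits by alphabet size yet is rejected, because its core is a dictionary word. That is the practical meaning of "impossible for others to guess": the password must not be something an attacker's word list already contains.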

Alan is the lead developer for InfoServe Media, LLC (http://www.infoservemedia.com/), a Web development company that specializes in Web site design, hosting, domain name registration, and promotion for small businesses.
Why SSL is not enough to secure your credit card details
Written by ArticSoft
Continued from page 1
Is the padlock real?

Although the SSL padlock has been at the bottom of the screen for a while now, only the most adventurous have tried doing things like clicking on it. If you did, you might be in for a surprise. The first thing is that you cannot tell from its appearance whether the padlock is genuine. After all, anyone can draw a padlock at that point on the screen; it is not a specially protected area of some kind. So seeing a padlock appear need not mean that a secure connection is actually in place.

If you do click on it, you should see the web site address of the server that purchased the certificate being used. Compare this with the web site address shown in your browser's address bar. It is important to read it carefully, since you are the one doing the checking. Browsers warn when the name in the certificate does not match the address, but that warning can simply be clicked through, and a certificate genuinely issued to a look-alike name will not trigger it at all.

What needs to change?

Several things need to change before you should feel comfortable using SSL:

1) Getting enough functionality onto the client system to sign and encrypt the actual data, instead of relying on a secure connection to a place you do not know.
2) Giving clients the ability to check automatically that certificates sent by servers are still genuine, that is, that they have not been revoked. Then users can be sure that no man-in-the-middle can read the information they send, and that the server they are dealing with is for real.
3) Giving the client an identity that the server can authenticate. This need not mean that users have to go out and buy a certificate; the server site may provide them with a suitable certificate as a separate process.
4) Automating the whole process, so that the user does not have to click on the padlock icon to find out whether the security is real.
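As an added example (not code from ArticSoft or the original article), the following Python script performs the comparison described above in code: it takes a certificate in the dict layout returned by the standard library's ssl getpeercert(), and checks that the name it was issued for matches the hostname in the address bar and that the certificate is within its validity dates. It goes a little beyond the text by handling wildcard names the way browsers do. The certificate, the example-shop.test names and the dates are constructed for the demo; fetch_peer_cert is the live variant and needs network access.

```python
import socket
import ssl
import time

# Constructed certificate, shaped like the dict ssl.SSLSocket.getpeercert() returns
# (assumption: the example-shop.test names and the dates are made up for this demo).
SHOP_CERT = {
    "subject": (
        (("countryName", "US"),),
        (("organizationName", "Example Shop Inc"),),
        (("commonName", "www.example-shop.test"),),
    ),
    "subjectAltName": (
        ("DNS", "www.example-shop.test"),
        ("DNS", "*.example-shop.test"),
    ),
    "notBefore": "Jan  1 00:00:00 2024 GMT",
    "notAfter": "Jan  1 00:00:00 2026 GMT",
}

# Fixed "current time" inside the validity window, so the demo is reproducible.
DEMO_NOW = ssl.cert_time_to_seconds("Jun 15 12:00:00 2025 GMT")


def certificate_names(cert):
    """DNS names the certificate was issued for: subjectAltName entries first,
    falling back to the subject commonName only when there is no SAN (RFC 6125)."""
    san = [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]
    if san:
        return san
    return [value for rdn in cert.get("subject", ()) for key, value in rdn if key == "commonName"]


def name_matches(pattern, hostname):
    """Match one certificate name against the address-bar hostname. A wildcard is
    honoured only as the whole left-most label, so *.example-shop.test covers
    pay.example-shop.test but not example-shop.test or a.b.example-shop.test."""
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if pattern == hostname:
        return True
    if not pattern.startswith("*."):
        return False
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    # Refuse over-broad wildcards such as *.test and require the same label count.
    return len(p_labels) >= 3 and len(p_labels) == len(h_labels) and p_labels[1:] == h_labels[1:]


def hostname_matches(cert, hostname):
    return any(name_matches(name, hostname) for name in certificate_names(cert))


def cert_is_current(cert, now=None):
    now = time.time() if now is None else now
    return ssl.cert_time_to_seconds(cert["notBefore"]) <= now <= ssl.cert_time_to_seconds(cert["notAfter"])


def padlock_check(cert, hostname, now=None):
    """The manual comparison the article describes, done in code: return the reasons
    the padlock should not be trusted for this hostname (an empty list means fine)."""
    problems = []
    if not hostname_matches(cert, hostname):
        problems.append(f"certificate was not issued for {hostname}")
    if not cert_is_current(cert, now):
        problems.append("certificate is expired or not yet valid")
    return problems


def fetch_peer_cert(hostname, port=443, timeout=5.0):
    """Live version (needs network): fetch the server's certificate.
    ssl.create_default_context() already validates the chain and the hostname and
    raises ssl.SSLCertVerificationError on mismatch, so with a modern TLS stack the
    comparison is automated; padlock_check shows what that automation checks."""
    context = ssl.create_default_context()
    with socket.create_connection((hostname, port), timeout=timeout) as sock:
        with context.wrap_socket(sock, server_hostname=hostname) as tls:
            return tls.getpeercert()


if __name__ == "__main__":
    for host in ("www.example-shop.test", "pay.example-shop.test",
                 "www.example-shop.test.attacker.test", "example-shop.test"):
        print(host, padlock_check(SHOP_CERT, host, DEMO_NOW) or "OK")
```

Note what the check cannot do: it says whether the certificate belongs to the host you typed, not whether that host is the shop you meant. A certificate for a look-alike name passes cleanly, and nothing here consults a revocation list, which is exactly the gap point 2) above describes.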

ArticSoft has over 30 years' experience in the field of computer security, and 15 years' experience of securing information on personal computers and messaging systems. Our CEO, Steve Mathews, is one of the authors of BS 7799 (now ISO/IEC 17799) and is well recognized in the security industry.