Brock Allen’s ASP.NET security: the tl:dr;

tl:dr;

– If it’s on an HTTP address, consider it public info — usernames, passwords, HTML, and JSON results are all interceptable.
– unless you’ve secured it, your database usernames, passwords, and data are ALSO being sent in plain text.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s