Log in system

thoand

When creating a login system, what is the most securest:

HTTP Auth, or Creating the login dialog with HTML forms?

thanks in advance,
Thomas A

nnichols

Neither one is more secure than the other, as long as your application design is thorough. If you security is an issue use HTTPS.

thoand

Of course, but still with all the considerations taken care of

SSL, safe mode etc.

Is one of the two methods more secure?

Thomas

nnichols

HTTP Auth is going to be more secure in theory, but if someone has gone to enough trouble to hack through a well designed form based login, the chances are they are capable of, and willing to hack through your HTTP Auth.

There is "NO SUCH THING" as a totally secure website,

but good luck all the same 😃