Comments on: Put The Login on the Front Page http://cafe.elharo.com/ui/put-the-login-on-the-front-page/ Longer than a blog; shorter than a book Wed, 08 Feb 2012 21:45:25 +0000 hourly 1 http://wordpress.org/?v=3.1.3 By: Charles Boyung http://cafe.elharo.com/ui/put-the-login-on-the-front-page/comment-page-1/#comment-669617 Charles Boyung Tue, 10 May 2011 18:56:55 +0000 http://cafe.elharo.com/ui/put-the-login-on-the-front-page/#comment-669617 Barend - I know this is ancient and you are unlikely to still be following this, but your argument does not make much sense. The only way to do what you are saying would be to change the HTML on the home page to have the form point at a different target. The type of attack you make reference to is not something that can do this. Barend – I know this is ancient and you are unlikely to still be following this, but your argument does not make much sense. The only way to do what you are saying would be to change the HTML on the home page to have the form point at a different target. The type of attack you make reference to is not something that can do this.

]]> By: Barend Garvelink http://cafe.elharo.com/ui/put-the-login-on-the-front-page/comment-page-1/#comment-452 Barend Garvelink Sat, 13 May 2006 13:37:38 +0000 http://cafe.elharo.com/ui/put-the-login-on-the-front-page/#comment-452 As far as I can tell, that's entirely true at this time. (discounting various govt. agencies in all parts of the world) If you pointed out that trojans and spyware are a much larger threat to one's credit card than any man-in-the-middle attacker, I'd have been the first one to agree. That doesn't change anything about the flawed principle I pointed out. Every weakness is exploited at some point. As far as I can tell, that’s entirely true at this time. (discounting various govt. agencies in all parts of the world)

If you pointed out that trojans and spyware are a much larger threat to one’s credit card than any man-in-the-middle attacker, I’d have been the first one to agree.

That doesn’t change anything about the flawed principle I pointed out. Every weakness is exploited at some point.

]]> By: Elijah Rhodes http://cafe.elharo.com/ui/put-the-login-on-the-front-page/comment-page-1/#comment-435 Elijah Rhodes Thu, 11 May 2006 16:14:34 +0000 http://cafe.elharo.com/ui/put-the-login-on-the-front-page/#comment-435 Fact o' the Day: Number of "Man in the Middle" attacks on large, known companies: Zero. Fact o’ the Day: Number of “Man in the Middle” attacks on large, known companies: Zero.

]]> By: Barend Garvelink http://cafe.elharo.com/ui/put-the-login-on-the-front-page/comment-page-1/#comment-415 Barend Garvelink Tue, 09 May 2006 13:11:19 +0000 http://cafe.elharo.com/ui/put-the-login-on-the-front-page/#comment-415 There is a problem though -- security. If you serve a login box over plain HTTP and post the data to HTTPS (as java.net in fact does), a man-in-the-middle attacker can simply redirect the HTML form and intercept your password; this is not much more difficult than intercepting a password sent back over plain HTTP. How many end-users are so vigilant as to check the action string of every form they post? In other words: you can't send a login form over plain HTTP. There are three alternatives at this point: 1) simply forget it and log in over plain HTTP 2) serve the entire homepage over HTTPS 3) serve a secure login form in an iframe Option 1 is very bad form for a company that has your creditcard number. I wouldn't want to do business over such a site, and I don't think you would either. Option 2 is a scalability disaster. Option 3 puts an (unacceptable) hit on accessibility. As inconvienent as an extra page may be, it is a necessity (but of course no guarantee) for a secure login procedure that does not involve sending the entire homepage over HTTPS. There is a problem though — security.

If you serve a login box over plain HTTP and post the data to HTTPS (as java.net in fact does), a man-in-the-middle attacker can simply redirect the HTML form and intercept your password; this is not much more difficult than intercepting a password sent back over plain HTTP. How many end-users are so vigilant as to check the action string of every form they post?

In other words: you can’t send a login form over plain HTTP.

There are three alternatives at this point:
1) simply forget it and log in over plain HTTP
2) serve the entire homepage over HTTPS
3) serve a secure login form in an iframe

Option 1 is very bad form for a company that has your creditcard number. I wouldn’t want to do business over such a site, and I don’t think you would either.

Option 2 is a scalability disaster.

Option 3 puts an (unacceptable) hit on accessibility.

As inconvienent as an extra page may be, it is a necessity (but of course no guarantee) for a secure login procedure that does not involve sending the entire homepage over HTTPS.

]]>