在保留程序日志打开时跟踪密码 [英] Trace the password when the preserver log is on
本文介绍了在保留程序日志打开时跟踪密码的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
大家好,
如果在Chrome浏览器中打开保存者日志,我们怎么能避免跟踪密码
我们可以发现密码可以在f12模式下跟踪
如何避免这种情况?我们的项目是在MVC4上开发的。我们有什么更改webconfig文件来防止这种情况吗?
谢谢和问候,
Soumya
Hi All,
How could we avoid to trace the password when the preserver log is on in chrome browser
we could find that the password can trace when it is on f12 mode
How to avoid that?.Our project is developing on MVC4.Do we have any changes in webconfig file for preventing this?
Thanks & Regards,
Soumya
推荐答案
抱歉,没有一行代码示例,几乎不可能看出你的错误是什么。为了得到一些一般性的想法,请看我过去的答案:
我已经加密了我的密码但是当我登录时它给了我一个错误。如何解密 [ ^ ] ,
解密加密密码 [ ^ ],
存储密码值int sql server with secure方式 [ ^ ]。
您可以在我的答案中解释所有实现加密缓存功能的使用以上引用。
客户端: http://code.google.com/p/crypto-js [ ^ ]。
服务器端,.NET: http://msdn.microsoft.com/en-us/library/system.security.cryptography.sha256%28v=vs.110%29.aspx [ ^ ]。
如果你不使用SSL,这还不够安全。否则,即使恶意入侵者无法获取原始密码,也可以窃听其哈希值,然后此人可以冒充客户,然后修改密码或做其他伤害。但最容易受到攻击的是设置初始密码的过程,如果流量被窃听的话。因此,请尝试使用SSL和加密哈希密码。
-SA
Sorry, without a single line of a code sample, it's nearly impossible to see what were your mistakes. To get you some general ideas, please see my past answers:
i already encrypt my password but when i log in it gives me an error. how can decrypte it[^],
Decryption of Encrypted Password[^],
storing password value int sql server with secure way[^].
You have everything to implement the use of cryptographic cache function explained in my answers referenced above.
Client-side: http://code.google.com/p/crypto-js[^].
Server-side, .NET: http://msdn.microsoft.com/en-us/library/system.security.cryptography.sha256%28v=vs.110%29.aspx[^].
Still, this is not safe enough if you are not using SSL. Otherwise, even though a malicious intruder cannot get the original password, its hash can be eavesdropped, and then this person can impersonate a customer and then modify a password or do other harm. But the most vulnerable point will be the process of setting up an initial password, if the traffic is eavesdropped. So, try use both SSL and cryptographic hash for passwords.
—SA
这篇关于在保留程序日志打开时跟踪密码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
