如何在查询字符串中安全地包含密码 [英] How to safely include password in query string

问题描述

是否可以在 c# asp.net 站点的查询字符串中安全地包含密码.

Is it possible to safely include a password in a query string for a c# asp.net site.

我知道的一些假设和事情 -

Few assumptions and things I know -

1. 该网站没有也不会有与其他网站的链接/图像/javascript/分析.因此，无需担心引荐链接.
2. 与网络浏览器的所有通信都将通过 https.
3. 我知道查询字符串会保留在电脑.
4. 登录时不仅需要密码/用户名.如此简单将网址粘贴回浏览器不会导致登录.

我知道该站点可能容易受到跨站点脚本和重放攻击.我该如何减轻这些?

I know the site may be susceptible to cross site scripting and replay attacks. How do I mitigate these?

鉴于上述情况，我应该如何在查询字符串中包含密码?

Given the above scenario, how should I include a password in a query string?

请不要问我为什么"，我知道这不是一个好主意，但这是客户想要的.

Please don't ask me 'why', I know this is not a good idea, but it is what the client wants.

推荐答案

SSL

您可以使用 SSL 连接安全地将密码发送到 Web 服务器.这会加密客户端/服务器之间的所有通信.

SSL

You can safely send the password to a web server using a SSL connection. This encrypts all the communication between the client/server.

基本身份验证协议将用户/密码信息放在 HTTP 请求标头中.C# 和许多其他 Web 服务器语言可以访问此信息，并使用它来验证请求.与 SSL 混合使用时非常安全.

Basic authentication protocols place the user/password information in the HTTP request header. C# and many other web server languages can access this information, and use it to authenticate the request. When mixed with SSL this is very safe.

如果以上都不可行，那么建议您为每个用户创建一个唯一的密钥.而不是发送他们的密码，这个密钥被使用.优点是密钥存储在数据库中，可以删除.用户的密码保持不变，但他们必须重新注册才能获得新密钥.如果有人可能滥用他们的密钥，这很好.

If none of the above is possible, then it's recommended that you create a unique key for each user. Rather then send their password this key is used. The advantage is that the key is stored in the database and can be removed. The user's password remains unchanged, but they must register again to get a new key. This is good if there is a chance someone could abuse their key.

握手是客户端向服务器发出请求，服务器发回随机生成的密钥.然后，客户端使用密钥从该密钥生成哈希，并将其发送回服务器.然后服务器可以检查客户端是否知道正确的秘密.如果密码是秘密并且客户端在请求中包含用户名详细信息，则可以执行相同的操作.这可以在不发送密码的情况下进行身份验证.

Hand shaking is where the client makes a request to the server, and the server sends back a randomly generated key. The client then generates a hash from that key using a secret, and sends it back to the server. The server can then check if the client knew the correct secret. The same thing can be done where the password is the secret instead and the client includes username details in the request. This can authenticate without ever sending the password.

如果以上都不是可能的选项，那么您可以尝试在密码通过开放 URL 发送之前使用 JavaScript 对其进行加密.我找到了一个开源版本 AES 分组密码.该项目名为 JSAES，支持 128 到 256 位加密.可能还有其他 JS 库做同样的事情.

If none of the above are possible options, then you could attempt to use JavaScript to encrypt the password before it's sent via an open URL. I found an open source version the AES block cipher. The project is called JSAES and supports 128 to 256 bit encryption. There might be other JS libraries that do the same thing.

这篇关于如何在查询字符串中安全地包含密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！