Thursday, February 16, 2006

Beware of cleverness

When you get that giddy feeling of doing something clever, it probably means you're doing something you shouldn't.

Using SSL to present a login page really is a good idea. Clever approaches to avoiding having to SSL your login page are a bad idea.

If SSLing a page that most users will not use to log in strikes you as expensive, stop embedding your login form in pages with other purposes and instead use a login button that delegates to a dedicated web sign-on application.

0 Comments:

Post a Comment

<< Home