Itqualityassurance
- What authentication should I use for my website?
- Why does a website need authentication?
- Is authentication enough to secure the website?
What authentication should I use for my website?
For web applications that leverage server-side templating, session-based auth via username and password is often the most appropriate. You can add OAuth and OpenID as well. For RESTful APIs, token-based authentication is the recommended approach since it's stateless.
Why does a website need authentication?
Authentication is used by a server when the server needs to know exactly who is accessing their information or site. Authentication is used by a client when the client needs to know that the server is system it claims to be. In authentication, the user or computer has to prove its identity to the server or client.
Is authentication enough to secure the website?
Since there is strong encryption, hackers cannot get into the information directly. So, they use keys and cause middle man attacks to steal clean text data from the browser or the server at large. All of these points prove that having a strong authentication might not be enough to have excellent web app security.
