How to Implement 2-Step Verification in ASP.NET MVC
page 1 of 12
Published: 16 Aug 2011
Unedited - Community Contributed
Abstract
Nowadays security is more important than ever on the internet, and the majority of security issues on websites are caused by user accounts being compromised. As a good prevention strategy, the use of 2-step or phone verification mechanisms is becoming common on the internet. In this article Keyvan discusses the implementation of a 2-step verification system in ASP.NET MVC by developing a simple prototype.
by Keyvan Nayyeri
Feedback
Average Rating: This article has not yet been rated.
Views (Total / Last 10 Days): 45821/ 162

Introduction

As computer systems and particularly internet expand their role in our daily lives, security in computer systems becomes more important, and it’s a vital part of every programmer’s life to make his or her code secure. This is bolder when you go online on the internet or intranet and expose your application to more users and possible threats. The number of security attacks by hackers and their catastrophic impacts (in terms of privacy and money loss) has been increasing and we all can remember many of big highlights that happened in the past few months such as several security attacks to Sony PlayStation Network.

As an obvious consequence of these, security has been so important for me, just like everybody else, so I always spend a lot of time to reassure the security of my code and implement different mechanisms to prevent hackers from hurting my online identity.

As development technologies have evolved and online software have become bigger, newer techniques, methods, and tools are provided to improve the security of applications at different levels ranging from securing the programming languages to security mechanisms provided like those offered by IIS.

Having these said, a few weeks ago my blog was the target of a dictionary attack by a hacker for almost 24 hours. The hacker, who supposedly thought that I don’t have mechanisms for monitoring the accesses to my blog’s administration area, had tried to perform a dictionary attack on my login page to get access to my blog. This story ended up by me leaving a message for the hacker that was probably read later and forced him/her to stop this pointless attack, however, it made me extra-cautious about security so that I decided to take the security of my websites to the next level! In this article I’m going to explain the technique that I implemented, 2-step verification by phone, which is going to become a common technique in the near future. Searching on the internet, there wasn’t much information provided about this technique, especially for ASP.NET developers, so I hope that this article can contribute and encourage other developers to implement such mechanisms!


View Entire Article

User Comments

Title: No source code?   
Name: Larry Q
Date: 12/7/2011 10:39:10 AM
Comment:
Hi everyone,

I enjoyed Keyvan's article very much, however the source code link doesn't work. Is it possible to get the source from another location? Many thanks for writing this article, before I forget.

-Larry






Community Advice: ASP | SQL | XML | Regular Expressions | Windows


©Copyright 1998-2014 ASPAlliance.com  |  Page Processed at 7/24/2014 2:24:40 AM  AspAlliance Recent Articles RSS Feed
About ASPAlliance | Newsgroups | Advertise | Authors | Email Lists | Feedback | Link To Us | Privacy | Search