MartyConnelly
martyconnelly at shaw.ca
Mon Oct 16 11:06:50 CDT 2006
You also have to protect against cross site scripting and sql injection especially on your logon form if verifying userid logon from a database table. You also want to place your access mdb outside of iwwwroot directory on IIS otherwise the mdb could be downloadable. paul.hartland at fsmail.net wrote: >To all, > >I have created a very simple website (basically a logon page and a welcome page for now), where the logon page is connected to a database (MS Access). Before I continue I want to know how long in would take a hacker to get my password if it is was to be attempted. Are there any hacking tools or scripts out there that I can point to my website, give it my administration username and get it to return the number of attempts it took to get my password and give my password a security rating (say from 1-10) ? > >Thanks for any help in advance on this. > >Paul Hartland >Database Developer. > > -- Marty Connelly Victoria, B.C. Canada