Welcome Guest, Not a member yet? Register   Sign In
Benefit of using CI - an honest question

(This post was last modified: 02-06-2015, 06:38 PM by Narf. Edit Reason: Fix a link ... I was thinking Markdown :) )

(02-06-2015, 06:24 PM)RobertSF Wrote: In my opinion, the amount of security you need is a function of both the probability of attack and the stakes involved. Do you need SSL? Well, what are the chances that someone might intercept a login attempt? Sites like Amazon or Wells Fargo are attractive, but is yours? And what are the consequences of someone unauthorized hacking into one of your users account?

As for encrypting passwords, sure. It's easy to do and doesn't cost anything. But in my experience of running small websites, the main benefit is that you don't know your users' passwords.

While this seems logical, it is a very dangerous thing to say, especially when giving advice - it's discouraging people to think about security. Especially your second paragraph, it sounds like you're suggesting that storing passwords in plain-text is OK - it is not, period.

It doesn't matter if you're building a teapot or banking software - security is a requirement, not something that you decide to have or not.

Messages In This Thread
RE: Benefit of using CI - an honest question - by Narf - 02-06-2015, 06:36 PM

Theme © iAndrew 2016 - Forum software by © MyBB