I’m thinking of adding login/registration to my personal site…

Not sure what scenarios this will be used to enable in the long run, but I might play around with some web services (with authentication) and a few ‘prototypes’ for articles and MSDN features that I’ve been musing about…

  • Do you run a personal site?
  • Do you have any form of authentication?
  • What do you use to handle it (I’m planning Forms Authentication against SQL Server)?
  • What do you use it for?

this is for http://www.duncanmackenzie.net … which is quickly becoming my little sandbox for asp.net code 🙂

Comments (6)

  1. Duncan,

    I use FormsAuthentication against SqlServer for RegexLib.com. I use it to authenticate the owners of patterns via direct website access as well as via webservice access.

    Basically, in a WebService scenario I pass AuthenticationTickets around.

  2. Tim P. says:

    I’m not sure if you’ve seen it or not, but here’s a great article about using Forms Authentication with SQL Server 2000. http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT03.asp

  3. Simon says:



    Forms Auth

    ID’ing anyone permitted to add/edit content*

    * – works great for stopping comment spam. Stops comments too, but that’s besides the point. Allows just me to update the photo album, or a friend to update the news if they ever want to. Lets me edit pages from anywhere, etc.

  4. Daniel Edards says:

    I use FormsAuthentication against a SqlServer for my sites. I simply store the hashed password so there is no risk of plain text sniffing. I have found there to be too many spiders that just crawl around leeching up every bit of content for redistribution.

    I know several people who host code examples that have added free registrations to protect their code from automated leeching.

  5. T. Rodgers says:

    I put some simple protection on my personal site to guard some mildly personal pictures.

    What I did was use a simple form combined with a few lines of ASP to verify against a hard coded password. The password was a combination of my birthdate & middle name and that’s clearly stated at the login. I used those things cause it’s stuff only the family and close friends would know offhand.

    It offers all the protection I needed and it literally took all of ten minutes to make.

  6. I use forms authentication against SQL Server too. I basically use it for permissions for content management right now, but I think I’ll soon show certain content only to select individuals. I doesn’t hurt, you can always give people the option to remain anonymous.