Membership and Security:-
Generally user will login into the website and start using content, user does not care about his credentials are exposed because he trust that website is secured. We the developers have to make sure that user information provided is secured and it is not exposed to others or hackers. So learning security system is very important.
Thumb rule:
Never, ever trust any data your users give you. Ever!!!
Important points to be consider while securing the web site
- Always HTML encode the user input data before saving and render the data from user to UI using HTML encoding
- Define what portion of web site should have anonymous access and what portion should have authentication
- Use only HTTP only cookies when you no need to use client side script
- Try to use AntiXSS to libraty to avoid security threats
Let’s us understand more about the security system available in the MVC application.