A thought about the first user experience
#11
One big advantage of our own security is that we can (and do now) support non-Windows clients. We couldn't do that if we depended on Windows login as proof of access.

The setting of the password when resetting an account is just something I need the time to do. It's pretty piddly in the larger scheme of things so it's not been done yet. But it will get done.

Security is pretty fundamentally ingrained in the whole product, so it's not going to go away or become optional. Doing anything that would change the system requires a security token, else the product couldn't be secure. And if just passing some parameter or setting some flag would turn it off, the security would be worth nothing since any hacker could do that with a client, pull up to your house with a tablet, connect, and change your system.

It's easy enough to use environmentally based login info, or command line if you want, it works either way.
Dean Roddey
Explorans limites defectum
#12
I'm with Dean. If I had kids or roommates I'd want access password protected.
Les
#13
Dean Roddey Wrote: One big advantage of our own security is that we can (and do now) support non-Windows clients. We couldn't do that if we depended on Windows login as proof of access.

But you are connecting to a server on a Windows machine, which could do the pass-through for authentication, could you not?

I am no expert, but are there not many examples of this already existing, hence things like RADIUS servers etc. were implemented?

Regardless, whatever is said here, it's not going to change anything. My view that security should be optional will never change, nor will CQC ever change the way it is done now.

We just have to hope that Dean has implemented true security (i.e. passwords etc. not passed to the server from the client in the clear and passwords are not stored, e.g. only a hash of the password).

Mick
#14
znelbok Wrote: But you are connecting to a server on a Windows machine, which could do the pass-through for authentication, could you not? Mick

Not very safely. Our login procedure is completely safe over the net, because it doesn't have to pass any actual useful information back and forth. If we had to have the server log on for you, we'd have to pass the actual user name and password over. So it's much safer using our own system. Otherwise we'd have to use some sort of VPN scheme or SSL or whatnot just to protect the login procedure.
Dean Roddey
Explorans limites defectum
#15
You can pass a hash instead, which does make it safe(er).

The client hashes the password, sends the hash and the server compares the hash to its list (in my simple terms).

Passwords should never ever be sent.
#16
You don't even want to send the hash directly either, which our current scheme doesn't. It doesn't exchange anything other than randomly generated values.
Dean Roddey
Explorans limites defectum
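
The exchange debated in posts #15 and #16, as an added example that is not part of any post and is not CQC's actual login protocol (the thread does not describe it): a generic HMAC challenge-response in which only a salt, random nonces and a one-time proof cross the wire, compared with sending the hash itself. All class, function and user names, and the sample password, are constructed for illustration.

```python
import hashlib, hmac, secrets

def derive_key(password: str, salt: bytes) -> bytes:
    # Slow, salted derivation; the server stores this key, never the password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Server:
    def __init__(self):
        self.users = {}      # user -> (salt, derived key)
        self.pending = {}    # user -> outstanding single-use nonce

    def enroll(self, user, password):
        salt = secrets.token_bytes(16)
        self.users[user] = (salt, derive_key(password, salt))

    def challenge(self, user):
        # Message 1 (server -> client): salt plus a fresh random nonce.
        nonce = secrets.token_bytes(32)
        self.pending[user] = nonce
        return self.users[user][0], nonce

    def verify(self, user, client_nonce, proof):
        # Message 2 (client -> server): client nonce plus an HMAC proof.
        nonce = self.pending.pop(user, None)   # each challenge is usable once
        if nonce is None:
            return False
        expected = hmac.new(self.users[user][1], nonce + client_nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, proof)

    def verify_sent_hash(self, user, sent_key):
        # The "client sends the hash" scheme from post #15, for comparison.
        return hmac.compare_digest(self.users[user][1], sent_key)

def client_respond(password, salt, server_nonce):
    # The proof is bound to both nonces, so it is only valid for this login.
    client_nonce = secrets.token_bytes(32)
    proof = hmac.new(derive_key(password, salt), server_nonce + client_nonce, hashlib.sha256).digest()
    return client_nonce, proof

def demo():
    srv = Server()
    srv.enroll("alice", "constructed-sample-password")
    salt, nonce = srv.challenge("alice")
    captured = client_respond("constructed-sample-password", salt, nonce)
    first = srv.verify("alice", *captured)       # legitimate login
    srv.challenge("alice")                       # later attempt, new nonce
    replayed = srv.verify("alice", *captured)    # captured reply sent again
    sent = derive_key("constructed-sample-password", salt)
    hash_replay = srv.verify_sent_hash("alice", sent) and srv.verify_sent_hash("alice", sent)
    return first, replayed, hash_replay
```

`demo()` returns `(True, False, True)`: the captured challenge-response reply is rejected on reuse, while a captured hash keeps working. In this sketch the stored key is still password-equivalent to anyone who obtains the server's user table; SCRAM (RFC 5802) is a standard design that addresses that.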