Jeremy Weiskotten said the following on 09/01/08 04:39 PM:
Anton, let me guess… you’re one of those who believes that exposing
someone’s user name is a security hole, even if there’s a password. Am I
right?
No. That has nothing to do with what we’re discussing.
You’re hung up on ‘obscuring’ when I’m talking about predictability.
If you go back through this thread and read my other postings you’ll see
that while I did answer the original question about encrypting the id, I
also suggested using names instead of ID.
Which fits in with my point about predictability rather than obscurity.
Example, linking back to the beginning of this thread:
Knowing that the URL
/user/9
exists tells you that /user/1…8 are there and probably /user/10
onwards.
And it’s easy to check. That’s what I mean about predictability.
But knowing
/user/JeremyWeiskotten
doesn’t tell you about the existence of any other records.
That’s not obscurity, it’s about predictability.
It hasn’t obscured anything. The hacker may try assuming that the
FirstnameLastname is the only format, but that need not be true. On
one site I run the registration suggests an ID based on the Firstname
Lastname, but the user can override it. And this is independent of the
response to the login prompt. Which they can choose as well. And all
this is independent of the e-mail address they use.
The user name need not be the ID handed for the login sequence.
In fact there is no reason why that should be public information:
http://www.vaporbase.com/postings/Login_with_your_email_address
See also “The White Knight’s Song” in Alice.
What a thing is, what its name is, what its title is and what it’s called
need not be the same.
Yes, I know this thread started with the request for encrypting the ID.
But go back and look: I tried saying that using a ‘name’ was a good
technique early on.
From a business POV, the names are more meaningful, they are something
that the end user can see “makes sense” and feels less intimidating than
an awkward alphanumeric string generated by SHA1.
Security has many facets and the code is just one of them.
From a business POV, issues like PCI, SOX, HIPAA, COSO, PIPEDA and other
legal and regulatory requirements are drivers of policy and determine if
and why someone may be granted or revoked an account, and the business
processes that handle that may be more important than the details we are
discussing.
–
“Intolerance of ambiguity is the mark of an authoritarian personality.”
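The URL-probing contrast above (/user/9 versus /user/JeremyWeiskotten), together with the point that the login identifier need not be the public name, worked through as an added Ruby example. This is not code from the original thread or from any of its participants; UserDirectory, sample_directory and the other method names are hypothetical, and every account, address and password is constructed sample data.

```ruby
# Added example, not code from the original thread. Names, addresses and
# passwords below are constructed sample data; UserDirectory and its methods
# are hypothetical names chosen for this illustration.
require 'digest'

User = Struct.new(:id, :public_name, :login_email, :password_digest)

class UserDirectory
  def initialize
    @users = []
  end

  # Registration suggests FirstnameLastname as the public name, but the
  # user may override it, so the suggested format is not a reliable guess.
  def suggest_name(first, last)
    "#{first.capitalize}#{last.capitalize}"
  end

  def register(first, last, email, password, public_name: nil)
    name = public_name || suggest_name(first, last)
    raise ArgumentError, "public name already taken: #{name}" if find_by_name(name)
    user = User.new(@users.size + 1, name, email, digest(password))
    @users << user
    user
  end

  def find_by_id(id)
    @users.find { |u| u.id == id }
  end

  def find_by_name(name)
    @users.find { |u| u.public_name == name }
  end

  # Login is keyed on the e-mail address, which never appears in a URL;
  # the public name plays no part here.
  def authenticate(email, password)
    user = @users.find { |u| u.login_email == email }
    return nil unless user && user.password_digest == digest(password)
    user
  end

  # Public URL built from the name rather than the row id, the way a Rails
  # model would by overriding to_param.
  def user_path(user)
    "/user/#{user.public_name}"
  end

  # What probing the URL space reveals with sequential ids: every id up to
  # the highest one seen exists, and the whole range can be walked.
  def probe_ids(range)
    range.select { |id| find_by_id(id) }
  end

  # With user-chosen names, guessing the FirstnameLastname format only
  # finds the users who kept the suggestion.
  def probe_names(candidates)
    candidates.select { |name| find_by_name(name) }
  end

  private

  # Plain SHA-256 stands in for a real password hash (use bcrypt in practice).
  def digest(password)
    Digest::SHA256.hexdigest(password)
  end
end

# Constructed accounts: the first keeps the suggested name, the others override it.
def sample_directory
  dir = UserDirectory.new
  dir.register("jeremy", "weiskotten", "jeremy@example.com", "pw-one")
  dir.register("alice", "liddell", "alice@example.com", "pw-two", public_name: "white_knight")
  dir.register("bob", "smith", "bob@example.com", "pw-three", public_name: "bs42")
  dir
end

if __FILE__ == $PROGRAM_NAME
  dir = sample_directory
  puts "ids found by walking /user/1..10: #{dir.probe_ids(1..10).inspect}"
  guesses = %w[JeremyWeiskotten AliceLiddell BobSmith]
  puts "names found by guessing FirstnameLastname: #{dir.probe_names(guesses).inspect}"
  puts "public URL: #{dir.user_path(dir.find_by_name('white_knight'))}"
  puts "login with the public name works? #{!dir.authenticate('white_knight', 'pw-two').nil?}"
end
```

Walking the id space finds every record because the ids are dense and ordered; guessing the FirstnameLastname pattern finds only the one user who accepted the suggestion, and the public name is useless at the login prompt because authentication is keyed on the e-mail address.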