|
|
|
Browse Blog Posts by Tags
-
I've always looked at security questions used to automate user password recovery with quite a bit of skepticism . What's the point of requiring strong passwords if you allow anyone to reset the password on an account by answering a (potentially inane) question? And just how many good security...
-
I'm about to embark on a mission to get Zermatt integrated into pluralsight.com as our single-sign-on solution, and a big part of that is getting our Community Server installation wired into that. I'm curious if anyone else has seen any work being done in this area, or if I'll be the first...
-
We recently updated our website and some links have broken as a result. Here's the place you should go to get the latest version of Password Minder: http://mercury.pluralsight.com/tools.aspx Sorry for any inconvenience!
-
For a couple of years now, I've been giving talks about "claims-based identity", and "claims-aware applications". The most concrete example of a claims-based identity architecture that I've been able to show so far is Active Directory Federation Services v1 (ADFS) and Windows...
-
Finally there's a home on the Internet for information cards . I've been waiting for this for a long time - a place to point consumers, executives, and developers to learn more about information cards. And it's not just a Microsoft thing. Founding members include Google, PayPal, Novell, and...
-
To those who came to my talks at TechEd 2008 Developers , thank you! Be sure to fill out an evaluation before you leave; scores matter a lot to the conference organizers, so let them know what you thought. Here is the code from my ADFS talk. Here is the code from my Understanding Claims talk. Enjoy!
-
This is a minor update. Here's what was changed (from the readme file): Incorporated a patch from Richard Howells to give you the option to turn on/off the "Always On Top" behavior of the main form. I still recommend not keeping PWM in memory all the time - only run it when you need it...
-
This is new; J.D. and crew are hosting it on CodePlex to get feedback. From J.D.'s blog : Our patterns & practices WCF Security Guidance Project is in progress on CodePlex. This is our first release of prescriptive guidance modules for WCF Security. How Tos Our How Tos give you step by step instructions...
-
Thanks to all of YOU who attended my claims-based identity postconference here at DevWeek. Grab the demos from here . Updated (20 Mar 2008) with new link.
-
In my quest to get unit testing and code coverage, I was disappointed to find that NCover requires administrative privileges to run. I posted on their forum about this , and was informed that the authors "haven't had a good enough reason" to fix the problem. So right now, if you want to use NCover in...
-
Before posting my discussion of code signing cert costs , I took a quick look at my trusted root store and didn't find anything by Comodo. I guess I should have looked more closely. There it is! Apparently John's found an excellent deal . It turns out that the trusted root cert he had to install was...
-
UPDATE: It turns out that John *did* find a bargain. Please be sure to read this followup post . In my recent post about Windows Live OneCare Firewall and Security, I mentioned that code signing certificates aren't cheap. If you look at the major vendors like VeriSign and Thawte , you'll find they charge...
-
Over the last few years the software industry has been figuring out better ways of solving security problems. One of the remaining conundrums has been figuring out where to put authorization logic. When you start thinking about this, you often end up in a big gray area: where does the "authorization...
-
In my previous post in this series, I showed how easy it is to work with enumerations in PowerShell. Here's the code I've been walking through in this series: $dacl = (dir foo.txt).GetAccessControl() $newRule = New-Object Security.AccessControl.FileSystemAccessRule "keith", Modify, Allow $modified =...
-
Vittorio has just concluded a series of posts where he's sharing a sneak preview of the Identity Framework (Fx for this post). Based on what he's shown and his descriptions, I've put together a little list of some features we can probably expect from the Fx. This is all pre-alpha stuff and the API will...
|
|
|
|
|
|