I'm trying to make a website with alot of Users. I've made so the user can create a profile, and edit their own profile. But now I would like if the users can have an account with money on it. So if they transfer money they would have on their account would be a number in a accountbalance property attached to the member.
I know how to make all this, but Im not good at understanding all about the security. Is their any danger with this? I meen: Is their any way (hacking-wise) the users could change this number?
Something that i should do? Something that i should be considering? :-)
Im using the Membership control wich uses the C# Membership Provider.
When I set properties to the member inside Umbraco, I cant find it inside the database. So where is this information stored, and is it secure enough?
The properties I would like to attach to this member is account total value (how much money he has on his account), and his bank account number (not creditcard data, but so he can cash out his money to his bankaccount).
But is it safe to do? Or would it be better to store in a encrypted database? And how do i encrypt a database? :-)
/Peter
(Sorry for my stupid questions, if they are, but Im not good at encrypting and database settings) :-)
How secure is the Member section
Hi,
I'm trying to make a website with alot of Users. I've made so the user can create a profile, and edit their own profile. But now I would like if the users can have an account with money on it. So if they transfer money they would have on their account would be a number in a accountbalance property attached to the member.
I know how to make all this, but Im not good at understanding all about the security. Is their any danger with this? I meen: Is their any way (hacking-wise) the users could change this number?
Something that i should do? Something that i should be considering? :-)
Regard
Peter
I'm building a business website, where my members will buy products in the website and I have the same doubt.
I would proberbly segregate that kind of info into a seperate database/table and encrypt the information.
The only reference would be a encrypted memberid or similar. That would to some extend improve the security
Thanks :)
Mila
Im using the Membership control wich uses the C# Membership Provider.
When I set properties to the member inside Umbraco, I cant find it inside the database. So where is this information stored, and is it secure enough?
The properties I would like to attach to this member is account total value (how much money he has on his account), and his bank account number (not creditcard data, but so he can cash out his money to his bankaccount).
But is it safe to do? Or would it be better to store in a encrypted database? And how do i encrypt a database? :-)
/Peter
(Sorry for my stupid questions, if they are, but Im not good at encrypting and database settings) :-)
is working on a reply...