Remove From My Forums

Is OWIN based login more secure than Forms Authentication based login

Question
0

Sign in to vote

User1884398186 posted

I have a custom table called Users that contains columns for user name, hashed password and hash used. I am not using ASP.Net Identity based tables in my database, but my own custom set of security tables.

I am not able to understand if OWIN-based login would offer more security that forms authentication based login.

Question: In my scenario, would using OWIN rather than forms authentication make the login cookie more secure against hackers?

Sunday, February 17, 2019 6:18 AM

Answers

0

Sign in to vote
User475983607 posted

Question: In my scenario, would using OWIN rather than forms authentication make the login cookie more secure against hackers?

OWIN Cookie Auth is not more secure, depending on your implementation, but it has more features like caching roles and claims.

https://blogs.msdn.microsoft.com/webdev/2013/07/03/understanding-owin-forms-authentication-in-mvc-5/
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Sunday, February 17, 2019 3:58 PM
0

Sign in to vote
User-893317190 posted

Hi sun21170,

OWIN is a middleware, it could provide authentication support for ASP.NET MVC, Web API, Web Form and even application without asp.net, which means it is more compatible.

OWIN could also use Forms Authentication , which is similar to FormsAuthenticationModule.

With owin identity authentication api, it could be easier to operate authentication and authorization.

For more information about comparison between owin and FormsAuthenticationModule , you could refer to https://blogs.msdn.microsoft.com/webdev/2013/07/03/understanding-owin-forms-authentication-in-mvc-5/

Best regards,

Ackerly Xu
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Monday, February 18, 2019 4:29 AM

All replies

0

Sign in to vote
User475983607 posted

Question: In my scenario, would using OWIN rather than forms authentication make the login cookie more secure against hackers?

OWIN Cookie Auth is not more secure, depending on your implementation, but it has more features like caching roles and claims.

https://blogs.msdn.microsoft.com/webdev/2013/07/03/understanding-owin-forms-authentication-in-mvc-5/
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Sunday, February 17, 2019 3:58 PM
0

Sign in to vote
User-893317190 posted

Hi sun21170,

OWIN is a middleware, it could provide authentication support for ASP.NET MVC, Web API, Web Form and even application without asp.net, which means it is more compatible.

OWIN could also use Forms Authentication , which is similar to FormsAuthenticationModule.

With owin identity authentication api, it could be easier to operate authentication and authorization.

For more information about comparison between owin and FormsAuthenticationModule , you could refer to https://blogs.msdn.microsoft.com/webdev/2013/07/03/understanding-owin-forms-authentication-in-mvc-5/

Best regards,

Ackerly Xu
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Monday, February 18, 2019 4:29 AM