Everywhere I see the same:
"form-based info is transmitted in the least secure way"
"data integrity in form-based authentication is very weak"
And others things like this.
But I was thinking... a lot of web sites use some kind of form-based authentication, even not upon J2EE.
Are they (the others sites) safer then J2EE's sites? If yes, how? If no, why all this chat about the form auth-method is used almost by everybody?
"form-based info is transmitted in the least secure way"
"data integrity in form-based authentication is very weak"
And others things like this.
But I was thinking... a lot of web sites use some kind of form-based authentication, even not upon J2EE.
Are they (the others sites) safer then J2EE's sites? If yes, how? If no, why all this chat about the form auth-method is used almost by everybody?