As far as I know, rhere are mutliple ways that we could use to improve the security.
For example:
You could check the send request IP address location and store it in the database.
If you find the send request IP address location is not in the normall location, you could disable user login firstly and send the Email to user to let the user check it.
Besides, we could enable SSL to improve the security for the oauth authorization.If we enable the SSL, the hacker will get the password more harder.
Best Regards,
Brando
.NET forums are moving to a new home on Microsoft Q&A, we encourage you to go to Microsoft Q&A for .NET for posting new questions and get involved today.
Member
177 Points
629 Posts
Improve security in Oauth authorization
Jun 17, 2019 04:14 AM|neoaguil17|LINK
Hi
I use a Token Based Authentication for Web API, such as in this article...
https://www.codeproject.com/Articles/1187872/Token-Based-Authentication-for-Web-API-where-Legac
I see that a hacker can get the encrypted password and create a windows service which can send the user and encrypted password to obtain the token,...
How could I improve this security?
Star
9831 Points
3120 Posts
Re: Improve security in Oauth authorization
Jun 17, 2019 09:10 AM|Brando ZWZ|LINK
Hi neoaguil17,
As far as I know, rhere are mutliple ways that we could use to improve the security.
For example:
You could check the send request IP address location and store it in the database.
If you find the send request IP address location is not in the normall location, you could disable user login firstly and send the Email to user to let the user check it.
Besides, we could enable SSL to improve the security for the oauth authorization.If we enable the SSL, the hacker will get the password more harder.
Best Regards,
Brando
Member
81 Points
51 Posts
Re: Improve security in Oauth authorization
Jun 19, 2019 09:17 AM|Titto Thomas|LINK
Ensure HTTPS communication for your application. That is the only best thing can be done to protect your password and token from transit.