How to encrypt SSN in querystring?

J

Jeff

Hi

asp.net 4.0
visual studio 2010

I'm developing a website which will have ssn included in the querystring.
Are looking for ways to encrypt it.
Have thought about using System.Security.Cryptography namespace. But haven't
decided on which class to use. Considering X509Certificate. Also I think the
url have to SSL.

Thinking of encrypt the entire querystring, parameter name and parameer
value gets encrypted.

any recommendations?
 
M

Mr. Arnold

Jeff said:
Hi

asp.net 4.0
visual studio 2010

I'm developing a website which will have ssn included in the querystring.
Are looking for ways to encrypt it.
Have thought about using System.Security.Cryptography namespace. But haven't
decided on which class to use. Considering X509Certificate. Also I think the
url have to SSL.

Thinking of encrypt the entire querystring, parameter name and parameer
value gets encrypted.

any recommendations?

You need to come up with something else. There would be no way I would
come to your site with you using a SSN in the URL encrypted or not or
SSL, not in today's environment and identity theift.
 
S

Stefan Hoffmann

hi Jeff,

I'm developing a website which will have ssn included in the querystring.
Are looking for ways to encrypt it.
Have thought about using System.Security.Cryptography namespace. But haven't
decided on which class to use. Considering X509Certificate. Also I think the
url have to SSL.

Thinking of encrypt the entire querystring, parameter name and parameer
value gets encrypted.

any recommendations?
Use SSL, any other "encryption" can be broken. Use AJAX, if you want to
hide the information from the user.


mfG
--> stefan <--
 
R

Rajeev Gopal

hi Jeff,

On 09.06.2010 19:07, Jeff wrote:> I'm developing a website which will have ssn included in the querystring.



Use SSL, any other "encryption" can be broken. Use AJAX, if you want to
hide the information from the user.

mfG
--> stefan <--

Hi Jeff,

Better not to send SSN via querystring. For that matter, it is adviced
not to plug in any sensitive data in querystring. There could be
alternatives for sure.

Thanks,
Rajeev
 
C

Cubaman

Hi

asp.net 4.0
visual studio 2010

I'm developing a website which will have ssn included in the querystring.
Are looking for ways to encrypt it.
Have thought about using System.Security.Cryptography namespace. But haven't
decided on which class to use. Considering X509Certificate. Also I think the
url have to SSL.

Thinking of encrypt the entire querystring, parameter name and parameer
value gets encrypted.

any recommendations?

Hello:
Don't use query string. The spec for URL length does not dictate a
minimum or maximum URL length, but implementation varies by browser.
On Windows: Opera supports ~4050 characters, IE 4.0+ supports exactly
2083 characters, Netscape 3 -> 4.78 support up to 8192 characters
before causing errors on shut-down, and Netscape 6 supports ~2000
before causing errors on start-up. Encrypted SSN would be bigger than
this max length. Try to use post instead. And use ssl, it would
encrypt the whole page.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,994
Messages
2,570,223
Members
46,812
Latest member
GracielaWa

Latest Threads

Top