While studying the Authentication Views in Django I came across some of the
build in views including password reset view. I got hang of its basic
working mechanism while reading the documentation I encountered the line
promoting the use of *set_unusable_password()* in Djagno authentication
On Dec 21, 10:35 am, Eric Chamberlain wrote:
> On Dec 18, 2009, at 7:58 PM, macdd wrote:
>
> > I am reading the django book. I just finished the chapter on
> > authentication. I get the jist of it. What I don't understand is the
> > overall security of authentication. If everything
On Dec 18, 2009, at 7:58 PM, macdd wrote:
> I am reading the django book. I just finished the chapter on
> authentication. I get the jist of it. What I don't understand is the
> overall security of authentication. If everything you do is passed as
> plain text then it isn't very secure. Okay so
On Fri, Dec 18, 2009 at 6:58 PM, macdd wrote:
> plain text then it isn't very secure. Okay so https comes in. What I
> don't understand is when to use it and when not to. It seems like if
> you authenticate over https just for user credentials and then go back
> to http
I am reading the django book. I just finished the chapter on
authentication. I get the jist of it. What I don't understand is the
overall security of authentication. If everything you do is passed as
plain text then it isn't very secure. Okay so https comes in. What I
don't understand is when to
Peter,
I don't disagree with you. However, based on Glen's security report
( I suspect they are using Nessus/Retina to produce the scan result
i.e. CVE - Common vulnerabilities and exposure ),his question was:
Does anyone know where to find such "stamp of approval" or "denial"
from HIPAA's
> You speak
> of HIPAA which translates to FISMA requirements.
I suspect they are complementary, not equivalent.
> I assume your web
> application i.e MYSQL will be storing Personal Identifiable
> Information (PII) such SSN, etc... In this case, you may have tough
> battle getting your web
Hi Glen,
I am not a lawyer, so please bear that in mind. However, I do work
for a major hospital, and have some experience with making IT systems
compliant with HIPAA regulations. That said, it's been a few years
since I was involved in that directly. So my experience may well be
out of date.
Jarvis,
If you are looking for a 'Stamp of Approval', you may be looking at
the wrong place. Django is an "Open Source" web framework which hasn't
been formally certified and accredited by the US Government. You speak
of HIPAA which translates to FISMA requirements. I assume your web
I have a customer who has a Django application that I have upgraded to
Django 1.1.
The customer wants to take this software in a more public arena. He
has to get HIPAA approval. The data is stored in a MySQL database and
the standard Django User Authentication model is used (out of the box
10 matches
Mail list logo