Dave's Top 10 Ways to Secure Your Web Application - Level 300

In this webcast, you will see some practical best practices for writing secure ASP.NET code. The following topics have been used by the author in real world code and will be covered: hash your passwords in the Presentation Tier and where they're stored, use Role Based Authentication, Use Declarative Security with PrincipalPermissionAttribute and SecurityAction.Demand, use Imperative Security with IsInRole, roll your own custom Principal, wrap possibly unsecure code with Try Finally and make sure to cleanup in the Finally block, defeat brute-force attacks with maximum retry counts, encrypt sensitive data in .config files and other places with System.Security.Cryptography, use Code Access Security to ensure least-privilege in your assemblies, and use the Framework - DON'T REINVENT THE WHEEL!.