I am working on creating a toolbar application that will invoke a URL on the server and increase a User's points(as an incentive to use the toolbar). Right now the URL is a GET(I can and will change it to POST).
The issue is, I need to make sure that someone cannot, using any sort of a hack, increase the points. The URL is ofcourse a publicly accessible URL.
Will Basic HTTP Authentication make sense in this case? If yes, wont I need to store username-password with the toolbar, which again can be easily hacked?
-thanks