I am working on an asp.net mvc rest webservice for traffic updates. This web-service will provide information for an iphone and blackberry application.
Users need to log in to store things like their favorite routes and to create new routes.
What type of authentication should be used?
I am thinking of basic authentication where i give the app a GUID for each logged in user.
I am worried though that people can hack into other users accounts by connecting to the webservice url once they find it out.
Also will they be able to post things by guessing the users GUID or is it unguessable?
The data I want to store isnt very sensitive and the safety isnt considered very important. Should I store the passwords in plain english or salt and hash?
If there is a better way to perform authentication for those apps using MVC please let me know as I am not familliar with this topic
Thanks in advanced!