Site admin without username & password

Question

Right now I'm building a personal site/blog and have pretty much got it they way I want except I'm in two minds about how to add posts to it.

It's just me who'll be adding posts and to me having a user / name password to log in seems rather passé ;).

I'm looking in to alternatives to play around and experiment with and one idea I have is this:

Generate an asymmetric key, I personally keep the private and the site has the public key. When I try to add a post or modify any content the site will generate a random string, encrypt it with the public key and display it. I decrypt this using a little app I could whip together and pass the unencrypted string back to the site which will allow the modification to continue.

I'm just wondering about any caveats I should be on the look out for, or if anyone thinks this is a bad idea, perhaps an alternative I could try?

Cheers
Tony

Answer 1

Why not just have a user name and password and either have your web browser remember the login, or send an authentication cookie back that doesn't expire. Use a self signed SSL cert to secure the communications channel. If you want to use public/private key crypto just setup an SSH tunnel and post from localhost on your server. Trust me, it's better to re-use known good crypto/security than to try to roll your own.

Answer 2

I think the asymmetric key is an elegant solution - but a username/password is almost certainly going to be easier to implement.

If you're building your own site then you are just doing it for kicks (otherwise you'd be using WordPress, Drupal, Django, etc.) so why not do things differently?

You might find that having to carry around your keymat app might get a little restrictive, if you find yourself wanting to blog but without the means to identify yourself.

But, that said, @Kurt has the right idea for crypto - DIY is almost certainly going to be worse than using something already tried and tested.

Answer 3

One of the wisest statements I ever heard about security was "don't try and re-invent it".

Online security has been through so many iterations that it's highly likely that any bright idea you come up with has some flaw that has previously been found, considered and fixed.

If you want "casual" security, secure your site with a user name and password. If you want "strong" security, stick an SSL certificate on top of it. If you want "bank" security, add in anti-keystroke security.

Answer 4

Why not go one stage further from your suggestion and put the encrypted string in to the URL?

For example, turn the current date and time into a string - eg. 0904240905 - encrypt it with your private key and add this to a URL, e.g. http://yoursite.com/admin/dksjfh4d392s where dksjfh4d392s is the encrypted string. You site then has a servlet which extracts the encrypted string from the URL, verifies that it decrypts to a recent time and then gives you a session cookie while allows you to perform admin tasks.

Answer 5

SSL client certificates do this anyway. Why not just use one of those?

The main reason more people don't use SSL client certificates is that they're an administrative nightmare - you have to get end-users to create keys, then sign their certificates, then make sure the end-users don't lose their keys (when they lose their laptop, upgrade to a new OS etc), which they usually do, so you have to sign YET MORE certificates when the end-users lose their private keys.