Thanks for the response. Yes, using ssl.
On Tuesday, April 16, 2013 1:05:15 PM UTC-5, Niphlod wrote: > > I'm a bit unsure on the statement "both my app and the api server app are > using ssh". If you mispelled and wanted to write "ssl" instead of "ssh", > then I'm ok. If everything is behind SSL, no "man in the middle" can see > what you are passing back/forth your apps. > > On the "secureness" of the rather default username/password combo instead > of a fixed character length key, it's a no brainer: if you're fine with > username/password you should be reassured that a fixed key would be equally > secure (albeit it has to match username+password length and complexity). > From the theoretical standpoint, you need to pass a string in either case > to the app. > > -- --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
