| Index | Recent Threads | Unanswered Threads | Who's Active | Guidelines | Search |
 |
World Community Grid Forums
Category: Support
Forum: BOINC Agent Support
Thread: Secure Boinc Project ID |
| No member browsing this thread |
|
Thread Status: Active Total posts in this thread: 2
|
|
| Author |
|
|
Former Member
Cruncher Joined: May 22, 2018 Post Count: 0 Status: Offline |
How secure should I keep my BOINC project ID that I received from WCG? (Hopefully I haven't missed this information posted somewhere obvious.) Is it acceptable to place the project id on a web server that will be viewed by an entire university or should I take the time to use https or .htaccess on the page holding the key to prevent unwanted eyes from viewing it? I can think of one good reason not to make the id accessible by an entire campus. If some one gets my id, masquerades as my user, fakes some job results, and then gets cough I will be blamed because the id points back to me! So, am I over reacting and security is not necessary or do I need to lock the id down tight?
Thanks |
||
|
|
Former Member
Cruncher Joined: May 22, 2018 Post Count: 0 Status: Offline |
At World Community Grid, your account key is a lot safer than at other BOINC projects. WCG could see the security risk, so they don't allow anyone to log into your account with just the account key (other BOINC projects do!).
But if you are putting it in a public place, you should use the verification code instead. This is a so-called "weak account key". It changes if you change your password, so you can invalidate it if you need to. |
||
|
|
|