Because IFD uses claims-based authentication as its authentication method, resulting in users’ credentials being posted to the server, you must encrypt the credentials with an SSL certificate. SSL encrypts information using 1024-bit or 2048-bit encryption and is the same level of protection used by major banking and financial institutions.
A certificate of 2048 bits is recommended because it has the more secure level of protection. SSL uses port 443 by default (but you could use any other port), so this port must be set to allow traffic in your firewall—provided that you’re using one.
You can obtain SSL certificates from a number of different certificate-issuing authorities, including Verisign or Thawte. Be sure to get ...