| | |
Password encoding
Please support our JavaScript / DHTML / AJAX advertiser: PostgreSQL or MySQL? Compare and contrast the two most popular open source databases
![]() |
u simple use password field for this but if it show problem can u send me code
Help as an alias
I think programming is great................
Tour Travel weblink by me and about Tour ,
Go To My Home Page and I m in Webdevelopment.
I think programming is great................
Tour Travel weblink by me and about Tour ,
Go To My Home Page and I m in Webdevelopment.
•
•
Join Date: Aug 2008
Posts: 381
Reputation:
Solved Threads: 33
Right,
I see your concern here. Since you can grab the plain text value of the password input field using javascript or php, etc. Likewise the password is sent in plain text in the form POST method for anyone doing packet sniffing of your server...for that you need https:// or secure socket layer to protect.
As far as encrypting the password ... I'm afraid that would do no good since if someone has access to your pages via javascript they could bypass any encryption module used with javascript. Likewise they could decipher your encryption module (since it would be in plain javascript format) if they wanted to, anyway.
Luckily most web pages do not allow people to insert javascript into the page, and simply using secure socket layer will deter most would be crackers, unless your password protected data is very important and valuable, then I would hire a specialist in security and encryption to do that part of the site and not rely on limited knowledge to protect it.
In other words -- don't worry about it.
I see your concern here. Since you can grab the plain text value of the password input field using javascript or php, etc. Likewise the password is sent in plain text in the form POST method for anyone doing packet sniffing of your server...for that you need https:// or secure socket layer to protect.
As far as encrypting the password ... I'm afraid that would do no good since if someone has access to your pages via javascript they could bypass any encryption module used with javascript. Likewise they could decipher your encryption module (since it would be in plain javascript format) if they wanted to, anyway.
Luckily most web pages do not allow people to insert javascript into the page, and simply using secure socket layer will deter most would be crackers, unless your password protected data is very important and valuable, then I would hire a specialist in security and encryption to do that part of the site and not rely on limited knowledge to protect it.
In other words -- don't worry about it.
![]() |
Similar Threads
- Password encoding/decoding (PHP)
- Rijndael algo for Encryption and Decryption of Password (ASP.NET)
- Help me in username and password validation through accessing the database (ASP.NET)
- Simple ASP.Net Login Page (Using VB.Net) (ASP.NET)
- Encoding/Decoding (C)
Other Threads in the JavaScript / DHTML / AJAX Forum
- Previous Thread: problem with date validation
- Next Thread: DOM select HTML
| Thread Tools | Search this Thread |
ajax ajaxcode ajaxexample ajaxhelp ajaxjspservlets animate automatically beta box browser bug calendar captchaformproblem checkbox child class close column createrange() css cursor date debugger dependent disablefirebug dom download dropdown editor element embed engine error events explorer ext file form forms getselection google gwt gxt hiddenvalue highlightedword hint html htmlform ie7 ie8 iframe images internet java javascript javascripthelp2020 jawascriptruntimeerror jquery jsf jsfile jump libcurl math media microsoft mimic object onmouseoutdivproblem onreadystatechange parent paypal pdf php player position post problem programming progressbar regex runtime scroll search security select shopping size software sql text textarea unicode w3c web website window windowofwords windowsxp wysiwyg \n





