•
•
•
•
What is DaniWeb IT Discussion Community?
You're currently browsing the JavaScript / DHTML / AJAX section within the Web Development category of DaniWeb, a massive community of 426,014 software developers, web developers, Internet marketers, and tech gurus who are all enthusiastic about making contacts, networking, and learning from each other. In fact, there are 1,626 IT professionals currently interacting right now! Registration is free, only takes a minute and lets you enjoy all of the interactive features of the site.
Please support our JavaScript / DHTML / AJAX advertiser: Lunarpages Web Hosting
Views: 358 | Replies: 2
 |
•
•
Join Date: Aug 2008
Posts: 3
Reputation: 
Rep Power: 0
Solved Threads: 0
Newbie Poster
I am using username and password. The password field is of type password. But when I do debugging i can see the password as typed in text. Is there any way to hide it. Any wrapper for this.
•
•
Join Date: Feb 2008
Location: Gurgaon India
Posts: 181
Reputation:
Rep Power: 1
Solved Threads: 14
Junior Poster
u simple use password field for this but if it show problem can u send me code
•
•
Join Date: Aug 2008
Posts: 375
Reputation:
Rep Power: 1
Solved Threads: 34
Posting Whiz
Right,
I see your concern here. Since you can grab the plain text value of the password input field using javascript or php, etc. Likewise the password is sent in plain text in the form POST method for anyone doing packet sniffing of your server...for that you need https:// or secure socket layer to protect.
As far as encrypting the password ... I'm afraid that would do no good since if someone has access to your pages via javascript they could bypass any encryption module used with javascript. Likewise they could decipher your encryption module (since it would be in plain javascript format) if they wanted to, anyway.
Luckily most web pages do not allow people to insert javascript into the page, and simply using secure socket layer will deter most would be crackers, unless your password protected data is very important and valuable, then I would hire a specialist in security and encryption to do that part of the site and not rely on limited knowledge to protect it.
In other words -- don't worry about it.
I see your concern here. Since you can grab the plain text value of the password input field using javascript or php, etc. Likewise the password is sent in plain text in the form POST method for anyone doing packet sniffing of your server...for that you need https:// or secure socket layer to protect.
As far as encrypting the password ... I'm afraid that would do no good since if someone has access to your pages via javascript they could bypass any encryption module used with javascript. Likewise they could decipher your encryption module (since it would be in plain javascript format) if they wanted to, anyway.
Luckily most web pages do not allow people to insert javascript into the page, and simply using secure socket layer will deter most would be crackers, unless your password protected data is very important and valuable, then I would hire a specialist in security and encryption to do that part of the site and not rely on limited knowledge to protect it.
In other words -- don't worry about it.
|
•
•
•
•
•
•
•
•
DaniWeb JavaScript / DHTML / AJAX Marketplace
•
•
•
•
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
Linear Mode
Similar Threads
- Rijndael algo for Encryption and Decryption of Password (ASP.NET)
- Help me in username and password validation through accessing the database (ASP.NET)
- Password encoding/decoding (PHP)
- Simple ASP.Net Login Page (Using VB.Net) (ASP.NET)
- Encoding/Decoding (C)
Other Threads in the JavaScript / DHTML / AJAX Forum
- Previous Thread: problem with date validation
- Next Thread: DOM select HTML
