Brent Baisley wrote:
If you want to increase security then you really should use a secure connection, then everything is encrypted as well as other security measures. Even if you do encrypt the password you also need to establish and track a session to make sure it's the same computer you are communicating with, guarding against a hijacked connection.
Besides, using SSL is a heck of a lot easier. Just get a certificate for the server and slap https:// on the front of the URL. I'll admit I summarized the process a bit.
On Friday, January 10, 2003, at 11:12 AM, Scott Fletcher wrote:
I'll look into this and try it out. The only thing that is important to me
is that the password get encrypted before transmitting across the internet.
I'm not worry if the JS is disabled because if it is then the login will
never be authenticated. I'll keep on exploring for way to increase
security.
-- Brent Baisley Systems Architect Landover Associates, Inc. Search & Advisory Services for Advanced Technology Environments p: 212.759.6400/800.759.0577
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
