Re: Proposal for Lite Encryption for Login Form without SSL — PHP Programming Language

You are here: Re: Proposal for Lite Encryption for Login Form without SSL « PHP Programming Language « IT news, forums, messages

Posted by Bruno Barros on 10/01/07 09:39

> The server could send the client an arbitrary word that the client
> should hash, using the password as salt. This salted hash is then sent
> to the server for verification.

If it's arbitrary, then odds are it will not be repeated easily.

What I mean is how does the browser know the salt he gave the user on
registration? I can register and only log the day after. The thingy
will not be in session any longer.

Navigation:

Next in forum: Re: Proposal for Lite Encryption for Login Form without SSL
Prev in forum: Re: Reading comp.lang.php with a newsreader
Thread view: Re: Proposal for Lite Encryption for Login Form without SSL

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация