Reply to Re: Proposal for Lite Encryption for Login Form without SSL

Your name:

Reply:


Posted by Bruno Barros on 10/01/07 09:39

> The server could send the client an arbitrary word that the client
> should hash, using the password as salt. This salted hash is then sent
> to the server for verification.

If it's arbitrary, then odds are it will not be repeated easily.

What I mean is how does the browser know the salt he gave the user on
registration? I can register and only log the day after. The thingy
will not be in session any longer.

[Back to original message]
Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация