protected password

shaky

i'm developing a web based system,
here is a server and mainy client, i'm generally taking the password of user and matching it.
IS password not safe while travelling ?
is there any way to traverse password in safe way?
plz help me .

mystrymaster

not following the question

laserlight

well, one way would be to encrypt/decrypt sensitive info such as passwords.
maybe use SSL.

superwormy

HTTPS / SSL

http://www.thawte.com/

John_Canyon

you can also md5() your password when recieved, store it as such in the database. Its not surefire, but it will give you an added level of protection.

superwormy

But regardless, without SSL, the password travels plain text until it gets to your PHP script... which means it travels allllll the way over the Internet in plain text until it arrives...

stolzyboy

yep without ssl, you type in tweeder for your password and until it goes from your computer to the server with the php script, it will always look as tweeder

until then whatever way you use to encrypt it will then turn to

aohnfna43829y04fhn //whatever