Secure Login System Problem

kechsoft

can some one tell me should i encrypt users password via javascript before sending it to the server or shd i encrypt it after posting it.??

halojoy

It is first time I see this topic.
Have not thought about if $_POST is secure or not.

Here is a similar topic:
Is method=POST secure?
http://www.webdeveloper.com/forum/showthread.php?t=66573

🙂

bradgrafelman

If you're wanting security, then use SSL. Don't know what you mean by encrypting it "after posting it"... you should always store passwords in a hashed/ecnrypted format (preferably with a complex salt added in as well).

jgetner

you can use a crypter and an Decypter class that parses that will crypt the 'strings' into none php and then decyrpt them with another class when the php parse prepares to read.

But this process could be very secure but also eat's up alot of space and speed.

the regular processes with mysql and other simple checks you put into your code could be twice as fast and just as secure.

laserlight

jgetner wrote:
you can use a crypter and an Decypter class that parses that will crypt the 'strings' into none php and then decyrpt them with another class when the php parse prepares to read.

I do not really understand what you are talking about. Encryption does not solve anything unless it is applied appropriately. bradgrafelman's suggestion of SSL is good because it involves encryption of traffic between client and server, which otherwise could be intercepted and read.