SSL) or (All encrypt function) ?
In the website that user must login with username and password, for example my computer is in Thailand and Sitepointforum that i login is in USA. While my password send from my computer to Sitepointforum, someone can use sniffer program to intercept and got my password.
So, the correct way is encrypt password. For encrypt password I have many question, Help me please?
- For all encrypt function( such as crypt(); mcrypt() PASSWORD() MD5())
Is this function encrypt my password on my computer and send it to destination for verify ?
OR
send my plain text password to destination and encrypt at destination for verity?
for easy is this function encrypt at client and send, or send already as plaintext and encrypt?
- Is I understand correct?
SSL encrypt all of data that send between client and server such as for authentication I type
Username : intel
Password : tellme
SSL encrypt my username and password before and send it to destination and when it reach destination username and password is decrypt to original plain text?
When encrypt(), PASSWORD (in mysql) MD5() function can't decryt. What application this function helpful for?
If I want to encrypt password in my database and can decrypt when user loss password, Which function is best for do this? Can you have tutorial for me how to use it?
