Ber,

I agree with you that Javascript is not a solution. It gives a false sense of security and exposes the stored md5 hash of the password. I also agree with you that SSL is the ultimate solution if one really needs security. However, I think that SSL in Drupal is an all-or-none approach. Either the entire site is SSL, or not SSL. There is no way at present where only the login is https, and the rest is http. If this is addressed, then the whole argument for these half-baked solutions goes away: need security? Get SSL for login. Period.

On 11/9/05, Bèr Kessels <ber@webschuur.com> wrote:
> On Tue, Nov 08, 2005 at 12:29:56PM -0500, Pat Collins wrote:
> > True, but not everybody can use ssl/tls. What about some kind of authentication checking where the site would keep track of where you have logged in from and upon detection of a change would prompt you with a question that only you would know or send you an email that you would have to respond to before you could gain access?
>
> If a user is really so concerned about security, he/she should just get SSL. Saying "if someone has no access to SSL/TLS, but still wants security" sounds like saying "I want my house burglar-safe, but do not want to pay for good safe locks".
>
> I dislike the idea of using Javascript for hashing. It smells a lot like security through obscurity. And it brings a lot of new problems. I think we should simply re-use the existing tools. SSL and TLS.
>
> Ber
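The point made in the top post, that client-side md5 hashing turns the stored hash into a password-equivalent secret, can be shown with a small model. This is an added example, not code from the thread or from Drupal; the two login schemes, the PBKDF2 iteration count and the sample credential are constructed for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # constructed value for the model, not a Drupal setting


# Model of the JavaScript-hashing idea: the browser sends md5(password) and the
# server stores the same md5, so the stored value is exactly what a login needs.
def client_side_md5(password: str) -> str:
    return hashlib.md5(password.encode()).hexdigest()


def client_hash_login(sent_md5: str, stored_md5: str) -> bool:
    return hmac.compare_digest(sent_md5, stored_md5)


# Model of the alternative: the password itself travels (over TLS) and the
# server stores a salted, iterated verifier derived from it.
def make_verifier(password: str):
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def server_hash_login(password: str, salt: bytes, digest: bytes) -> bool:
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate, digest)


def leaked_row_suffices() -> dict:
    """Ask of each scheme: if the stored user row leaks, is the stored value
    alone enough to pass the login check?  True means the stored hash is a
    password-equivalent secret, which is the risk raised in the thread."""
    password = "correct horse"  # constructed sample credential

    stored_md5 = client_side_md5(password)
    md5_scheme = {
        "real_password_passes": client_hash_login(client_side_md5(password), stored_md5),
        "stored_value_passes": client_hash_login(stored_md5, stored_md5),
    }

    salt, digest = make_verifier(password)
    pbkdf2_scheme = {
        "real_password_passes": server_hash_login(password, salt, digest),
        # Submitting the leaked digest as if it were the password must fail.
        "stored_value_passes": server_hash_login(digest.hex(), salt, digest),
    }
    return {"client_md5": md5_scheme, "server_pbkdf2": pbkdf2_scheme}
```

Neither scheme protects the password in transit on plain http, which is why the thread keeps coming back to SSL/TLS; the model only shows what a leaked user table is worth under each.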