[development] Securing Login: MD5 password hashing using
allie at pajunas.com
Wed Nov 9 15:39:27 UTC 2005
I agree that there's no substitute for SSL, and I also agree that
some security is better than no security. As the author originally
stated, this doesn't necessarily protect the current session (you can
hijack a session by sniffing cookies anyway), but it protects against
collecting passwords for other uses.
Why can't this be done in contrib?
On Nov 9, 2005, at 9:29 AM, Khalid B wrote:
> false sense of security and exposes the stored md5 hash of the
> I also agree with you that SSL is the ultimate solution if one really
> needs security.
pajunas interactive, inc.
scalable web hosting and open source strategies
More information about the development