[development] Re: [drupal-devel] Securing Login: MD5 password hashing using javascript

Rafa Couto rafacouto at gmail.com
Thu Nov 10 15:47:00 UTC 2005

> It is possible to secure sending of password using md5 hashes
> on the client side using javascript.
> A good example and explaination of this could be found at
> http://pajhome.org.uk/crypt/md5/auth.html

Have you tested it with charset cases? Does JS show same MD5 value in
UTF-8 as in ISO-X-Y charsets? It could result in a crash test...

I think that JS hashing gives more problems than benefits. May be a
virtual keyboard to avoid keyloggers...

Rafa Couto (caligari)
mailto:rafacouto @gmail.com
Linux user #99126 (http://counter.li.org)

More information about the development mailing list