[development] Re: [drupal-devel] Securing Login: MD5 password
hashing using javascript
Rafa Couto
rafacouto at gmail.com
Thu Nov 10 15:47:00 UTC 2005
> It is possible to secure sending of password using md5 hashes
> on the client side using javascript.
>
> A good example and explaination of this could be found at
> http://pajhome.org.uk/crypt/md5/auth.html
Have you tested it with charset cases? Does JS show same MD5 value in
UTF-8 as in ISO-X-Y charsets? It could result in a crash test...
I think that JS hashing gives more problems than benefits. May be a
virtual keyboard to avoid keyloggers...
--
Rafa Couto (caligari)
mailto:rafacouto @gmail.com
Linux user #99126 (http://counter.li.org)
More information about the development
mailing list