Answer the question
In order to leave comments, you need to log in
How to transfer the username and password in encrypted form from the form to the server?
Hello!
I have a couple of questions:
1) When filling out a form (login and password), how can I transfer this data not in its pure form, but in encrypted form to the server?
Everything is clear about the HTTPS protocol. But still - what are the ways to encrypt (possibly with a special encryption key) the transmitted login and password to the server?
I tried to do it with javascript using a special encryption algorithm and using a key (salt). Then I did the obfuscation of my js file with some "strong" obfuscation (one way obfuscation), which turned the login and password into a get request and sent it to the server. But it's still not an option in my opinion.
2) And the second question. Many people make session tokens in the form of a username and password.
The topic is obviously old. But it makes sense to do this if CURL can bypass it very quickly - and no token will help (from enumeration of passwords).
Answer the question
In order to leave comments, you need to log in
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question