Xeoncross Posted May 23, 2008 Share Posted May 23, 2008 I have been looking over implementing OpenID into my blog and I found a class called phpMyID. This class uses HTTP Digest authentication to login stating it is more secure than leaving your password in plain text on the webpage (in an HTML form). However, my understanding is that both webforms and Digest auth send the data over the network in text form. Am I wrong? Does HTTP Auth md5 encode the password in the browser before it is sent? OR what makes the author think it is more secure? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.