Jump to content

Best practice for encrypting passwords between js and php


anonymous75178

Recommended Posts

I'm creating a registration form using AJAX. My question is, if I'm dealing with passwords, when is the best time to encrypt?

 

1. Do I send the password without encryption to the php file then encrypt it?

2. Do I encrypt the password using JS then submit to the php file?

3. Should I do something else?

I was told it is useless to use a JS function to encrypt passwords since it can be decrypted as easily as it can be encrypted at all times. Visitors have access to your scripts at all times. You could use a secure 2-way encryption algorithm but it is complicated. Also, users can always disable JS so you MUST ecrypt server-side (for example before you verify against a database entry).

 

Off course, anyone with better understanding can correct what I claim here.

good luck

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.