anonymous75178 Posted January 20, 2011 Share Posted January 20, 2011 I'm creating a registration form using AJAX. My question is, if I'm dealing with passwords, when is the best time to encrypt? 1. Do I send the password without encryption to the php file then encrypt it? 2. Do I encrypt the password using JS then submit to the php file? 3. Should I do something else? Quote Link to comment Share on other sites More sharing options...
President Obama Posted January 24, 2011 Share Posted January 24, 2011 Encrypt it then send it to the php file. Theres a good article on it somewhere that I used, you have to a crypt library. Quote Link to comment Share on other sites More sharing options...
raknjak Posted January 25, 2011 Share Posted January 25, 2011 I was told it is useless to use a JS function to encrypt passwords since it can be decrypted as easily as it can be encrypted at all times. Visitors have access to your scripts at all times. You could use a secure 2-way encryption algorithm but it is complicated. Also, users can always disable JS so you MUST ecrypt server-side (for example before you verify against a database entry). Off course, anyone with better understanding can correct what I claim here. good luck Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.