felito Posted July 1, 2011 Share Posted July 1, 2011 Suppose that i do a login to a website. When i type my personal data, aka, password and email, the password is sent in clear text to the server, correct? Then, a network card in promiscuous mode can capture the password? how this can be avoided? thanks Link to comment https://forums.phpfreaks.com/topic/240856-login-with-a-password-in-clear-text/ Share on other sites More sharing options...
xyph Posted July 1, 2011 Share Posted July 1, 2011 SSL Certificate from a trusted 3rd party Link to comment https://forums.phpfreaks.com/topic/240856-login-with-a-password-in-clear-text/#findComment-1237139 Share on other sites More sharing options...
felito Posted July 1, 2011 Author Share Posted July 1, 2011 so, i can capture a password in facebook login if the connection is made in http? Link to comment https://forums.phpfreaks.com/topic/240856-login-with-a-password-in-clear-text/#findComment-1237146 Share on other sites More sharing options...
xyph Posted July 1, 2011 Share Posted July 1, 2011 I suppose it's possible. Link to comment https://forums.phpfreaks.com/topic/240856-login-with-a-password-in-clear-text/#findComment-1237161 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.