It sounds like what you're after is some kind of automated client- server encryption. Oh wait, that's SSL. It's the only option.
On Jul 2, 11:39 pm, DML <[email protected]> wrote: > Hi everyone! > > I'm sorry if this has been answered before, but I had a look and > couldn't find it. > > Is it normal that in the registration/login/changepassword process, > the password is transmitted in clear text(POST Variable)? > > My main worry, is that any scriptkiddy can fire up a sniffing program > and capture the password. > For the moment I've put the site under SSL, but this is far from > optimal. > > Is there a feature/component/"hack" that will encrypt the password > during these processes? > > Thanks in advance, > David --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
