There are plenty of (fairly indepth & technical) conversations on here about the use of passwords and how to send the data/password to the server.
It very much seems a consensus that unless you are using HTTPS/SSL then its totally pointless doing anything on the client. Given that Google App Engine does not support HTTPS/SSL, what is everyones opinion on this matter, what IS the best practice? As a side bar on this, up to now I have been using the google account login to deal with all this, but have been getting a LOT of resistance from my potential user community who get very lost and confused about the process when having to create a google account, prior to being able to create an account in my system, hence the "need" to look at having my own security, which scares me as I dont know anything about this subject, but I want my users logons/data to be safe and secure. -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to google-web-tool...@googlegroups.com. To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.