On Wed, Dec 29, 2010 at 07:00, David Hutto <smokefl...@gmail.com> wrote:
> Correct me if I'm wrong, but If you initially type the username and
> password into a file, and you have, in my paranoid scenario, a
> keylogger you don't know about, it get's logged, but also, i assume it
> would get logged if you typed it in as well, on the site, or that
> someone could lift the password if given the authority on your system,
> correct?

There is little us as serverside programmers can do when the user's
system is already compromised. However, securing the password down the
wire is certainly our job.

Dotan Cohen


PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to