Nicolas Costes wrote in 00fd01c13a94$e3329b80$0100a8c0@p2333:">news:00fd01c13a94$e3329b80$0100a8c0@p2333:
> Hellorgh, all !!!
> Does anyone knows if there is a way to MD5-encode strings with
> JavaScript ?
The algorithm is described in RFC 1321.
<URL:http://www.ietf.org/rfc/rfc1321.txt>
> I use MD5() to encode passwords then insert them in my account
> database, and when a user logs in, i do
> MD5($password_provided_by_form) to compare it with the one stored
> in the DB. Ok, fine, I cannot see the users's passwords but when
> they log in, everyone can sniff it !!!
MD5 is a one way algorithm, which means that you won't be doing MD5 on
the server.
> That's why i'd like to encode passwords at client-side.... a
> Javascript MD5() function should be fine, but i think it doesn't
> exists .... and I can't use (and i don't know how to ;~p ) SSL,
> https: ....
Which won't help you in any way, in effect you'll just be sending a
plaintext password that's a lot longer.
> Someone's got any solution ????
A secure connection is your only real solution here.
--
Arve «The pessimist sees difficulty in every opportunity.
The optimist sees opportunity in every difficulty.»
- Winston Churchill
http://www.bersvendsen.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]