The best way is to simply use https. Definitely DONT use javascript for encrypting the password (unless you encrypt it again on the server).
To remove passwords from your logs use this option in your Application controller filter_parameter_logging :password HTH Shuaib85 wrote: > Hi > > I was looking through my logs and I found that the password field in > rails does not get encrypted. It is sent not encrypted from the > browser. Is there anyway that I can encrypt the password field so if > some one intercept the packets he will not be able to read the > passwords --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
