Rene Veerman rene7...@gmail.com writes:
Recently, on both the jQuery(.com) and PHP mailinglists, a question has
arisen on how to properly secure a login form for a non-ssl web-application.
But the replies have been get ssl.. :(
I disagree, and think that with a proper layout of authentication
On Sun, 15 Feb 2009, Rene Veerman wrote:
Recently, on both the jQuery(.com) and PHP mailinglists, a question has
arisen on how to properly secure a login form for a non-ssl web-application.
But the replies have been get ssl.. :(
Unfortunately, they are right: get SSL.
If you have a
Hi,
Recently, on both the jQuery(.com) and PHP mailinglists, a question has
arisen on how to properly secure a login form for a non-ssl web-application.
But the replies have been get ssl.. :(
What makes you think these are ill-advised?
I disagree, and think that with a proper layout of
On Feb 15, 2009, at 7:30 AM, Rene Veerman wrote:
Recently, on both the jQuery(.com) and PHP mailinglists, a question
has arisen on how to properly secure a login form for a non-ssl web-
application.
What's the threat model?
users[user_id].user_login_hash = onewayHash(user_login_name +