Well maybe. md5 is just a one way hash. Hashing is not the same
as encrypting. Hashing is just to reduce a variable length input to a fixed
length to allow crypt|sign. To be secure you need to hash then crypt|sign
-----Original Message-----
From: GOMEZ Henri [mailto:[EMAIL PROTECTED]]
Sent: Monday, March 12, 2001 3:05 PM
To: [EMAIL PROTECTED]
Subject: RE: Encrypting password
You could also use a little javascript to send
password coded with md5 and verify in servlet the
password for this user via md5 is equal to the
password string you received :
ie: http://pajhome.org.uk/crypt/md5/index.html
>-----Original Message-----
>From: Samson, Lyndon [IT] [mailto:[EMAIL PROTECTED]]
>Sent: Monday, March 12, 2001 3:44 PM
>To: '[EMAIL PROTECTED]'
>Subject: RE: Encrypting password
>
>
>You could write a custom applet, which could use any
>encryption algorithm
>you prefer.
>
>-----Original Message-----
>From: Sam Newman [mailto:[EMAIL PROTECTED]]
>Sent: Monday, March 12, 2001 2:35 PM
>To: [EMAIL PROTECTED]
>Subject: Encrypting password
>
>
>Am I right in saying the only method for encrypting user
>entered data (e.g
>from client desktopn browser to web server) is SSL?
>
>sam
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, email: [EMAIL PROTECTED]
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, email: [EMAIL PROTECTED]
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
