| Subject | Re: Favor: Encrypt passwords |
|---|---|
| Author | Doug Chamberlin |
| Post date | 2000-01-22T01:31:07Z |
At 1/21/2000 07:03 PM (Friday), Jason Wharton wrote:
to the web server encrypted is to 1) us SSL or 2) download an applet, DLL,
or other component which can perform a reasonable encryption algorithm.
Certainly #2 is not desirable at all which leaves #1 as the only widely
supported choice.
If anyone knows of alternatives i have a bunch of colleagues who would love
to hear about it!
>I would like to take the password that people enter into the survery andI think the only way for a web page to accept a password and send it back
>send and store only the encrypted version of it over the net. This way the
>original password will remain non-disclosed but the provider will have
>reasonable security that nobody else is going to ever see their actual
>password. I don't want people's raw passwords in the IBDI database.
to the web server encrypted is to 1) us SSL or 2) download an applet, DLL,
or other component which can perform a reasonable encryption algorithm.
Certainly #2 is not desirable at all which leaves #1 as the only widely
supported choice.
If anyone knows of alternatives i have a bunch of colleagues who would love
to hear about it!