Whole weekend I was working on PHP/Javascript user authentication system. The goal was to minimize sending any unencrypted data over non-secure connection. So md5 was my best friend. Finally I did it, using AJAX and PHP.
And after few hours - first changes - from md5 to sha algorithm. Just in case...
I hope anyway - password and session id combined and hashed with sha are secure enough to be transported over non-secure connection...
No comments:
Post a Comment