[thelist] PHP Login Security
Nickolay Kolev
nmkolev at uni-bonn.de
Sat Oct 12 17:01:01 CDT 2002
>But don't forget, and this is a BIG sin committed by loads of
>sites, that there is little or no point using encrypted data for
>"security" if the data has been entered on a non secured
>connection.
> You might encrypt them after they've been sniffed in the plain
> text send...
my point exactly... what is the point of encrypting the data on the
page I actually want to use it??
the data I enter in a form is sent form my computer to the server
in unecrypted form (unless using an SSL connection) anyway and
there is nothing you can actually do about it, right?
nmk
More information about the thelist
mailing list