Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Encrypt password before submission of form

 
shashank dwivedi
Ranch Hand
Posts: 63
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi i have an encryption utility class.
Can i use it some how to encrypt password before submitting form ?
I heard it can be done using applet.
 
Richard Tookey
Bartender
Posts: 1166
17
Java Linux Netbeans IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Since the Applet jar file or classes have to be downloaded before the Applet can run an attacker can get extract the key from these files then he can decrypt the password. You would do better to consider using HTTPS rather than HTTP then all transactions between the client and the server will be encrypted.
 
Ulf Dittmer
Rancher
Pie
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
an attacker can get extract the key from these files then he can decrypt the password.

... unless we're talking about an asymmetric encryption algorithm and its public key. But I agree that using HTTPS is a better approach.
 
shashank dwivedi
Ranch Hand
Posts: 63
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic