This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes Applets and the fly likes Encrypt password before submission of form Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » Applets
Bookmark "Encrypt password before submission of form" Watch "Encrypt password before submission of form" New topic
Author

Encrypt password before submission of form

shashank dwivedi
Ranch Hand

Joined: Mar 06, 2012
Posts: 61
Hi i have an encryption utility class.
Can i use it some how to encrypt password before submitting form ?
I heard it can be done using applet.
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1035
    
  10

Since the Applet jar file or classes have to be downloaded before the Applet can run an attacker can get extract the key from these files then he can decrypt the password. You would do better to consider using HTTPS rather than HTTP then all transactions between the client and the server will be encrypted.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41134
    
  45
an attacker can get extract the key from these files then he can decrypt the password.

... unless we're talking about an asymmetric encryption algorithm and its public key. But I agree that using HTTPS is a better approach.
shashank dwivedi
Ranch Hand

Joined: Mar 06, 2012
Posts: 61
http://www.jacobward.co.uk/automating-client-side-password-encryption-for-phpcurl-web-bot-form-submission/

got one solution here using JS...
 
wood burning stoves
 
subject: Encrypt password before submission of form
 
Similar Threads
How can I encrypt the password using j_security_check?
How to Encrypt and Decrypt the password in JSP
The onsubmit event
Encrypt form POST data before calling servlet through JSP
problem with j_security_check