• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Tim Cooke
  • Jeanne Boyarsky
  • Paul Clapham
Sheriffs:
  • Devaka Cooray
  • Ron McLeod
  • paul wheaton
Saloon Keepers:
  • Tim Moores
  • Piet Souris
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
Bartenders:
  • Al Hobbs
  • Frits Walraven
  • Scott Selikoff

Login Encryption

 
Greenhorn
Posts: 19
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have a page where the user logs into the system through an iframe. i am encrypting the password field with md5 using javascript when the form is submitted. I have not implemented ssl(https) for the page. Is this secure enough for my page? i fear whether hacking techniques like packet sniffing can still read my encrypted password? I tried implementing ssl for the iframe but i couldnt.
 
Rancher
Posts: 43028
76
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

I tried implementing ssl for the iframe but i couldnt.


What did you try, and how didn't it work?
 
Arun Christopher
Greenhorn
Posts: 19
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am unable to get the form values in my action(struts) while submitting the iframe form with https. Moreover some javascript functions stop working. Google results also suggests the incompatibility of ssl and iframe. I just want to know whether encrypting a string(password) with md5.js(say) and submitting the form can prevent packet sniffing and related technologies crack or view my password?
[ December 02, 2008: Message edited by: Arun Christopher ]
 
Ranch Hand
Posts: 89
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

encrypting a string(password) with md5.js(say) and submitting the form can prevent packet sniffing and related technologies crack or view my password?


MD5 is a hashing algorithm.It is not meant for encryption.It is a one way function.
 
Arun Christopher
Greenhorn
Posts: 19
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by K Aditi:

MD5 is a hashing algorithm.It is not meant for encryption.It is a one way function.



Hashing algorithms are used for encryption worldwide. MD5 and sha-1 are the widely used ones.
 
Ulf Dittmer
Rancher
Posts: 43028
76
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Hashing algorithms are used for encryption worldwide.


It would be less confusing to say "... for one-way encryption...". Most often the term encryption is used to mean two-way (reversible) encryption, and hashes are not reversible.
 
You totally ruined the moon. You're gonna hafta pay for that you know. This tiny ad agrees:
the value of filler advertising in 2021
https://coderanch.com/t/730886/filler-advertising
reply
    Bookmark Topic Watch Topic
  • New Topic