Securely send password using ajax request

Question

Securely send password using ajax request

to find out if it is safe to send a password through an Ajax request?

I have a login window that calls an ajax request to try to login / pass and get a JSON object with errors (if any).

Should I use form redirection instead?

[EDIT] Saving the encrypted password in the database is not a solution, because the login and password sent by ajax are the login / password for accessing the database itself (internal application).

+3

javascript ajax passwords

Arnaud F. Oct 23 '10 at 9:33

source share

4 answers

. crypt(text,key), crypt(crypt(T,A),B) == crypt(crypt(T,B),A), :

KEY. .
, crypt(password,KEY) .
, RAND
, crypt(password,RAND) AJAX. .
crypt(crypt(password,RAND),KEY) , crypt(crypt(password,KEY),RAND) . .

, . SSL- HTTPS .

+12

Victor Nicollet 23 . '10 9:50

:

-

: -, ( session_id),

: pw , ( session_id),

[: --, , ]

hash-salt-hash , ...

+1

Jochem 23 . '10 9:44

, , - " ". , , . javascript, , .

, , , , . , , SSL, , .

0

Slartibartfast Oct 25 '10 at 4:13

source share

gustavlarson · Accepted Answer · 2010-10-23T09:36:36+0000

, , - HTTPS HTTP. , , , .

Securely send password using ajax request

More articles: