Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
yes, whats lastdigits says, and because you still have to start coding, do it properly in one time.
Secure it by making it irreversable. Hash the password with a salt, unique, 1 for every user. Do it client side and do it in one time. Hash, post, dont store... -
@nobes i explain a little bit better but i suggest you do some googling, its very important.
in short
server sends a random value to user.
user encrypts/hash the random value with the hash of their password.
user posts the result as a password.
server receives, does the same, and compares😎
while the client is 'encrypting' the data, dont store it, also not in hashed form
Related Rants
I'm going to code a Login and the Webpage is ssl secured but should i hash the Password before it gets posted?
question
login
https
ssl
web
php
hash
html