Consider a scenario, where user authentication (username and password) is entered by the user

Question

0

Asked: May 20, 20262026-05-20T17:15:22+00:00 2026-05-20T17:15:22+00:00

Consider a scenario, where user authentication (username and password) is entered by the user

0

Consider a scenario, where user authentication (username and password) is entered by the user in the page’s form element, which is then submitted. The POST data is sent via HTTPS to a new page (where the php code will check for the credentials). Now if a hacker sits in the network, and say has access to all the traffic, is the Application layer security (HTTPS) enough in this case ? I mean, would there be adequate URL encryption or is there a need to have Transport Layer security ?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-20T17:15:22+00:00

Editorial Team

2026-05-20T17:15:22+00:00Added an answer on May 20, 2026 at 5:15 pm

Yes, everything (including the URL) is going through the encrypted channel. The only thing that the villain would find out is the IP address of the server you are connecting to, and that you are using HTTPS.

Well, if he was monitoring your DNS requests as well, he might also know the domain name of the IP address. But just that, the path, query parameters, and everything else is encrypted.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

Consider a scenario, where user authentication (username and password) is entered by the user

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply