Home/ Questions/Q 8486807
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-10T21:03:31+00:00

I have a login form that will submit id and password to a php

  • 0

I have a login form that will submit id and password to a php file which will then check that id and pw against data in an SQL database. How can i encrypt the outgoing form data to make sure nobody can see it until it gets to its destination?
the login form code is

<html>
<head>
<title>
Login page
</title>
</head>
<body>
<form name="login" action="fetchalldata.php" method="post">
Username : <input type="text" name="userid"/>
Password : <input type="password" name="pswrd"/>
<input type="button" name="submit" value="Login"/>
</body>
</html>

would prehashing the password on the database and
sending a hashed password be more effective?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    SSL is the answer. The only answer.

    However, if you must try go go with a home brew solution here is an idea to consider:

    • Have the PHP code provide Javascript with the current time stamp.
    • You take the password the user enters, append the time stamp, then encrypt it.
    • Pass back the encrypted password to the server with the time stamp.
    • Have the server make sure that the returned data is recent, let it check the encrypted password against its own math.
    • If the time stamp is too old or has been used to log in already reject it.

    This is still a lousy idea, but it isn’t as lousy as sending plain text passwords.

    Use SSL. Really.

    • 0