Home/ Questions/Q 9292843
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-18T20:58:45+00:00

I want to create a secure login, so I want to encrypt the password

  • 0

I want to create a secure login, so I want to encrypt the password before I send it as POST parameter. I am doing it with a SHA1 javascript function.

Then I realize that if someone intercepts the encrypted password, he can use it right away. Sending it as a post parameter the same URL.

How can I be sure that the password comes from the login input field? Maybe with a PHP session? I don’t want to use secure http yet. Anyone has a simple alternative?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    How can I be sure that the password comes from the login input field?

    You can’t.

    The closest thing to that is the usual defences against CSRF … but that will only stop people tricking users into submitting data from their site to your site. It won’t protect passwords.

    I don’t want to use secure http yet. Anyone has a simple alternative?

    HTTPS is the simple option.

    • 0