Javi Posted November 25, 2011 Share Posted November 25, 2011 Hello How I can encrypt the password a user enters in the login window? I have seen that the password is sent in clear to the server. Thank you. ----------------------------------------------------- Hola ¿ Como puedo cifrar la contraseña que introduce un usuario, en la ventana de login ? Yo he visto que la contraseña se envia en claro al servidor. Gracias. Quote Link to comment Share on other sites More sharing options...
andersa@ellenshoej.dk Posted November 26, 2011 Share Posted November 26, 2011 I think you need ssl for this. Quote Link to comment Share on other sites More sharing options...
zilav Posted November 26, 2011 Share Posted November 26, 2011 1) SSL 2) Create custom HTML login form inside UniHTMLFrame, and then attach ajaxRequest call to submit button and/or onkeydown to password field, and pass the hashed password with it (there are plenty of md5 js scripts around). Use onAjaxEvent to receive it. Actually this works fine, I'm using the similar approach when making my own CheckListBox since UniGui doesn't have it's own yet. Quote Link to comment Share on other sites More sharing options...
micbasov Posted November 26, 2011 Share Posted November 26, 2011 1) SSL 2) Create custom HTML login form inside UniHTMLFrame, and then attach ajaxRequest call to submit button and/or onkeydown to password field, and pass the hashed password with it (there are plenty of md5 js scripts around). Use onAjaxEvent to receive it. Actually this works fine, I'm using the similar approach when making my own CheckListBox since UniGui doesn't have it's own yet. Hi zilav! Do you have the opportunity to lay out the demo CheckListBox? For my project is very important. Quote Link to comment Share on other sites More sharing options...
Javi Posted November 27, 2011 Author Share Posted November 27, 2011 1) SSL 2) Create custom HTML login form inside UniHTMLFrame, and then attach ajaxRequest call to submit button and/or onkeydown to password field, and pass the hashed password with it (there are plenty of md5 js scripts around). Use onAjaxEvent to receive it. Actually this works fine, I'm using the similar approach when making my own CheckListBox since UniGui doesn't have it's own yet. Use SSL for now, I can not use it. Generating an HTML login. I have not sufficient skills to do so. Farshad, you somehow integrate text encryption. Thanks --------------------------------------------------------------------------- Usar SSL, de momento, no puedo usarlo. Generar un HTML login, yo no tengo suficientes conocimientos técnicos para hacerlo. Farshad, vas a integrar de alguna forma la encriptación de texto. Gracias Quote Link to comment Share on other sites More sharing options...
patmap Posted November 27, 2011 Share Posted November 27, 2011 Hello How I can encrypt the password a user enters in the login window? I have seen that the password is sent in clear to the server. Thank you. ----------------------------------------------------- Hola ¿ Como puedo cifrar la contraseña que introduce un usuario, en la ventana de login ? Yo he visto que la contraseña se envia en claro al servidor. Gracias. You can encrypt in javascript to MD5 or SHA and send to server, then check server side this encypted password. no need to decrypt in server side ! save all passwords with MD5 or SHA, in database or other storages. Quote Link to comment Share on other sites More sharing options...
zilav Posted November 27, 2011 Share Posted November 27, 2011 I made a demo app which has encrypted login form and checklistbox together. Password is 'test'. To Farshad: However, there are some troubles with IE (in FF its ok). If I select any elements (call ajaxRequest) and close window, it won't open again and shows random ajax errors. I don't know what to blame - IE or some bug in UniGUI. Also I put md5 function in separate js file, because when I tried to paste it inside UniHTMLFrame it generates error in some core unigui js file, I guess it doesn't handle well several characters there. CustomAjax.zip Quote Link to comment Share on other sites More sharing options...
micbasov Posted November 27, 2011 Share Posted November 27, 2011 I made a demo app which has encrypted login form and checklistbox together. Password is 'test'. To Farshad: However, there are some troubles with IE (in FF its ok). If I select any elements (call ajaxRequest) and close window, it won't open again and shows random ajax errors. I don't know what to blame - IE or some bug in UniGUI. Also I put md5 function in separate js file, because when I tried to paste it inside UniHTMLFrame it generates error in some core unigui js file, I guess it doesn't handle well several characters there. Thanks for the demo, we will try to test your example. Quote Link to comment Share on other sites More sharing options...
Javi Posted November 27, 2011 Author Share Posted November 27, 2011 I made a demo app which has encrypted login form and checklistbox together. Password is 'test'. To Farshad: However, there are some troubles with IE (in FF its ok). If I select any elements (call ajaxRequest) and close window, it won't open again and shows random ajax errors. I don't know what to blame - IE or some bug in UniGUI. Also I put md5 function in separate js file, because when I tried to paste it inside UniHTMLFrame it generates error in some core unigui js file, I guess it doesn't handle well several characters there. Thanks zilav Quote Link to comment Share on other sites More sharing options...
Administrators Farshad Mohajeri Posted November 28, 2011 Administrators Share Posted November 28, 2011 Best solution here is using SSL. You can use it in ISAPI mode. We will implement it for Standalone server soon. Quote Link to comment Share on other sites More sharing options...
Administrators Farshad Mohajeri Posted November 28, 2011 Administrators Share Posted November 28, 2011 I add a issue log for it when SSL is not used: #1190 Quote Link to comment Share on other sites More sharing options...
liangyang Posted December 30, 2011 Share Posted December 30, 2011 I made a demo app which has encrypted login form and checklistbox together. Password is 'test'. To Farshad: However, there are some troubles with IE (in FF its ok). If I select any elements (call ajaxRequest) and close window, it won't open again and shows random ajax errors. I don't know what to blame - IE or some bug in UniGUI. Also I put md5 function in separate js file, because when I tried to paste it inside UniHTMLFrame it generates error in some core unigui js file, I guess it doesn't handle well several characters there. the demo very good!! If I select any elements (call ajaxRequest) and close window, it won't open again and shows random ajax errors. ----- solved? thx. Quote Link to comment Share on other sites More sharing options...
liangyang Posted January 14, 2012 Share Posted January 14, 2012 CustomAjax.rar I made a demo app which has encrypted login form and checklistbox together. Password is 'test'. To Farshad: However, there are some troubles with IE (in FF its ok). If I select any elements (call ajaxRequest) and close window, it won't open again and shows random ajax errors. I don't know what to blame - IE or some bug in UniGUI. Also I put md5 function in separate js file, because when I tried to paste it inside UniHTMLFrame it generates error in some core unigui js file, I guess it doesn't handle well several characters there. I try to modify 1 Quote Link to comment Share on other sites More sharing options...
ygerdel Posted January 17, 2019 Share Posted January 17, 2019 Hello, do you know any option to encrypt passwords more secure than those described here? I would like advice on applying an encryption of passwords that do not have to decrypt. I would like advice on applying an password encryption that you do not have to decrypt later. Thanks Quote Link to comment Share on other sites More sharing options...
Tokay Posted January 17, 2019 Share Posted January 17, 2019 I'm not sure it's worth protecting the password. Intruder can catch any hash and can successfully login later. SSL is better, all traffic can be encrypted. Quote Link to comment Share on other sites More sharing options...
Ronbral Posted January 17, 2019 Share Posted January 17, 2019 Zilav: Parece melhor com uma chave de segurança aleatória e um controle de edição padrão em vez de ... CustomAjax-Rev1.rar ATTENTION! I forgot to clean Edit before sending .... Here's the fix: Const js = 'function keydown(sender, e, eOpts) '+ '{ var event = e; '+ ' if (event.keyCode == 13) { '+ ' var v = this.value; '+ ' this.setValue(""); '+ ' ajaxRequest(@frm@,"LoginEvent",["password="+MD5("@key@"+v)]); '+ ' } }'; Quote Link to comment Share on other sites More sharing options...
Administrators Farshad Mohajeri Posted January 18, 2019 Administrators Share Posted January 18, 2019 SSL is the right solution. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.