Javi Posted November 25, 2011 Posted November 25, 2011 Hello How I can encrypt the password a user enters in the login window? I have seen that the password is sent in clear to the server. Thank you. ----------------------------------------------------- Hola ¿ Como puedo cifrar la contraseña que introduce un usuario, en la ventana de login ? Yo he visto que la contraseña se envia en claro al servidor. Gracias. Quote
andersa@ellenshoej.dk Posted November 26, 2011 Posted November 26, 2011 I think you need ssl for this. Quote
zilav Posted November 26, 2011 Posted November 26, 2011 1) SSL 2) Create custom HTML login form inside UniHTMLFrame, and then attach ajaxRequest call to submit button and/or onkeydown to password field, and pass the hashed password with it (there are plenty of md5 js scripts around). Use onAjaxEvent to receive it. Actually this works fine, I'm using the similar approach when making my own CheckListBox since UniGui doesn't have it's own yet. Quote
micbasov Posted November 26, 2011 Posted November 26, 2011 1) SSL 2) Create custom HTML login form inside UniHTMLFrame, and then attach ajaxRequest call to submit button and/or onkeydown to password field, and pass the hashed password with it (there are plenty of md5 js scripts around). Use onAjaxEvent to receive it. Actually this works fine, I'm using the similar approach when making my own CheckListBox since UniGui doesn't have it's own yet. Hi zilav! Do you have the opportunity to lay out the demo CheckListBox? For my project is very important. Quote
Javi Posted November 27, 2011 Author Posted November 27, 2011 1) SSL 2) Create custom HTML login form inside UniHTMLFrame, and then attach ajaxRequest call to submit button and/or onkeydown to password field, and pass the hashed password with it (there are plenty of md5 js scripts around). Use onAjaxEvent to receive it. Actually this works fine, I'm using the similar approach when making my own CheckListBox since UniGui doesn't have it's own yet. Use SSL for now, I can not use it. Generating an HTML login. I have not sufficient skills to do so. Farshad, you somehow integrate text encryption. Thanks --------------------------------------------------------------------------- Usar SSL, de momento, no puedo usarlo. Generar un HTML login, yo no tengo suficientes conocimientos técnicos para hacerlo. Farshad, vas a integrar de alguna forma la encriptación de texto. Gracias Quote
patmap Posted November 27, 2011 Posted November 27, 2011 Hello How I can encrypt the password a user enters in the login window? I have seen that the password is sent in clear to the server. Thank you. ----------------------------------------------------- Hola ¿ Como puedo cifrar la contraseña que introduce un usuario, en la ventana de login ? Yo he visto que la contraseña se envia en claro al servidor. Gracias. You can encrypt in javascript to MD5 or SHA and send to server, then check server side this encypted password. no need to decrypt in server side ! save all passwords with MD5 or SHA, in database or other storages. Quote
zilav Posted November 27, 2011 Posted November 27, 2011 I made a demo app which has encrypted login form and checklistbox together. Password is 'test'. To Farshad: However, there are some troubles with IE (in FF its ok). If I select any elements (call ajaxRequest) and close window, it won't open again and shows random ajax errors. I don't know what to blame - IE or some bug in UniGUI. Also I put md5 function in separate js file, because when I tried to paste it inside UniHTMLFrame it generates error in some core unigui js file, I guess it doesn't handle well several characters there. CustomAjax.zip Quote
micbasov Posted November 27, 2011 Posted November 27, 2011 I made a demo app which has encrypted login form and checklistbox together. Password is 'test'. To Farshad: However, there are some troubles with IE (in FF its ok). If I select any elements (call ajaxRequest) and close window, it won't open again and shows random ajax errors. I don't know what to blame - IE or some bug in UniGUI. Also I put md5 function in separate js file, because when I tried to paste it inside UniHTMLFrame it generates error in some core unigui js file, I guess it doesn't handle well several characters there. Thanks for the demo, we will try to test your example. Quote
Javi Posted November 27, 2011 Author Posted November 27, 2011 I made a demo app which has encrypted login form and checklistbox together. Password is 'test'. To Farshad: However, there are some troubles with IE (in FF its ok). If I select any elements (call ajaxRequest) and close window, it won't open again and shows random ajax errors. I don't know what to blame - IE or some bug in UniGUI. Also I put md5 function in separate js file, because when I tried to paste it inside UniHTMLFrame it generates error in some core unigui js file, I guess it doesn't handle well several characters there. Thanks zilav Quote
Administrators Farshad Mohajeri Posted November 28, 2011 Administrators Posted November 28, 2011 Best solution here is using SSL. You can use it in ISAPI mode. We will implement it for Standalone server soon. Quote
Administrators Farshad Mohajeri Posted November 28, 2011 Administrators Posted November 28, 2011 I add a issue log for it when SSL is not used: #1190 Quote
liangyang Posted December 30, 2011 Posted December 30, 2011 I made a demo app which has encrypted login form and checklistbox together. Password is 'test'. To Farshad: However, there are some troubles with IE (in FF its ok). If I select any elements (call ajaxRequest) and close window, it won't open again and shows random ajax errors. I don't know what to blame - IE or some bug in UniGUI. Also I put md5 function in separate js file, because when I tried to paste it inside UniHTMLFrame it generates error in some core unigui js file, I guess it doesn't handle well several characters there. the demo very good!! If I select any elements (call ajaxRequest) and close window, it won't open again and shows random ajax errors. ----- solved? thx. Quote
liangyang Posted January 14, 2012 Posted January 14, 2012 CustomAjax.rar I made a demo app which has encrypted login form and checklistbox together. Password is 'test'. To Farshad: However, there are some troubles with IE (in FF its ok). If I select any elements (call ajaxRequest) and close window, it won't open again and shows random ajax errors. I don't know what to blame - IE or some bug in UniGUI. Also I put md5 function in separate js file, because when I tried to paste it inside UniHTMLFrame it generates error in some core unigui js file, I guess it doesn't handle well several characters there. I try to modify 1 Quote
ygerdel Posted January 17, 2019 Posted January 17, 2019 Hello, do you know any option to encrypt passwords more secure than those described here? I would like advice on applying an encryption of passwords that do not have to decrypt. I would like advice on applying an password encryption that you do not have to decrypt later. Thanks Quote
Tokay Posted January 17, 2019 Posted January 17, 2019 I'm not sure it's worth protecting the password. Intruder can catch any hash and can successfully login later. SSL is better, all traffic can be encrypted. Quote
Ronbral Posted January 17, 2019 Posted January 17, 2019 Zilav: Parece melhor com uma chave de segurança aleatória e um controle de edição padrão em vez de ... CustomAjax-Rev1.rar ATTENTION! I forgot to clean Edit before sending .... Here's the fix: Const js = 'function keydown(sender, e, eOpts) '+ '{ var event = e; '+ ' if (event.keyCode == 13) { '+ ' var v = this.value; '+ ' this.setValue(""); '+ ' ajaxRequest(@frm@,"LoginEvent",["password="+MD5("@key@"+v)]); '+ ' } }'; Quote
Administrators Farshad Mohajeri Posted January 18, 2019 Administrators Posted January 18, 2019 SSL is the right solution. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.