Jump to content

Encrypt the password when sent to the server.


Recommended Posts

Posted

Hello

 

How I can encrypt the password a user enters in the login window? I have seen that the password is sent in clear to the server.

 

Thank you.

 

-----------------------------------------------------

 

Hola

 

¿ Como puedo cifrar la contraseña que introduce un usuario, en la ventana de login ? Yo he visto que la contraseña se envia en claro al servidor.

 

Gracias.

Posted

1) SSL

2) Create custom HTML login form inside UniHTMLFrame, and then attach ajaxRequest call to submit button and/or onkeydown to password field, and pass the hashed password with it (there are plenty of md5 js scripts around). Use onAjaxEvent to receive it.

Actually this works fine, I'm using the similar approach when making my own CheckListBox since UniGui doesn't have it's own yet.

Posted

1) SSL

2) Create custom HTML login form inside UniHTMLFrame, and then attach ajaxRequest call to submit button and/or onkeydown to password field, and pass the hashed password with it (there are plenty of md5 js scripts around). Use onAjaxEvent to receive it.

Actually this works fine, I'm using the similar approach when making my own CheckListBox since UniGui doesn't have it's own yet.

 

Hi zilav!

Do you have the opportunity to lay out the demo CheckListBox? For my project is very important.

Posted

1) SSL

2) Create custom HTML login form inside UniHTMLFrame, and then attach ajaxRequest call to submit button and/or onkeydown to password field, and pass the hashed password with it (there are plenty of md5 js scripts around). Use onAjaxEvent to receive it.

Actually this works fine, I'm using the similar approach when making my own CheckListBox since UniGui doesn't have it's own yet.

 

Use SSL for now, I can not use it.

Generating an HTML login. I have not sufficient skills to do so.

 

Farshad, you somehow integrate text encryption.

 

Thanks

---------------------------------------------------------------------------

 

Usar SSL, de momento, no puedo usarlo.

Generar un HTML login, yo no tengo suficientes conocimientos técnicos para hacerlo.

 

Farshad, vas a integrar de alguna forma la encriptación de texto.

 

Gracias

Posted

Hello

 

How I can encrypt the password a user enters in the login window? I have seen that the password is sent in clear to the server.

 

Thank you.

 

-----------------------------------------------------

 

Hola

 

¿ Como puedo cifrar la contraseña que introduce un usuario, en la ventana de login ? Yo he visto que la contraseña se envia en claro al servidor.

 

Gracias.

 

 

You can encrypt in javascript to MD5 or SHA and send to server, then check server side this encypted password. no need to decrypt in server side ! save all passwords with MD5 or SHA, in database or other storages.

Posted

I made a demo app which has encrypted login form and checklistbox together. Password is 'test'.

 

To Farshad:

However, there are some troubles with IE (in FF its ok). If I select any elements (call ajaxRequest) and close window, it won't open again and shows random ajax errors.

I don't know what to blame - IE or some bug in UniGUI.

Also I put md5 function in separate js file, because when I tried to paste it inside UniHTMLFrame it generates error in some core unigui js file, I guess it doesn't handle well several characters there.

post-12-0-12588000-1322385441_thumb.jpg

CustomAjax.zip

Posted

I made a demo app which has encrypted login form and checklistbox together. Password is 'test'.

 

To Farshad:

However, there are some troubles with IE (in FF its ok). If I select any elements (call ajaxRequest) and close window, it won't open again and shows random ajax errors.

I don't know what to blame - IE or some bug in UniGUI.

Also I put md5 function in separate js file, because when I tried to paste it inside UniHTMLFrame it generates error in some core unigui js file, I guess it doesn't handle well several characters there.

 

Thanks for the demo, we will try to test your example.

Posted

I made a demo app which has encrypted login form and checklistbox together. Password is 'test'.

 

To Farshad:

However, there are some troubles with IE (in FF its ok). If I select any elements (call ajaxRequest) and close window, it won't open again and shows random ajax errors.

I don't know what to blame - IE or some bug in UniGUI.

Also I put md5 function in separate js file, because when I tried to paste it inside UniHTMLFrame it generates error in some core unigui js file, I guess it doesn't handle well several characters there.

 

Thanks zilav

  • 1 month later...
Posted

I made a demo app which has encrypted login form and checklistbox together. Password is 'test'.

 

To Farshad:

However, there are some troubles with IE (in FF its ok). If I select any elements (call ajaxRequest) and close window, it won't open again and shows random ajax errors.

I don't know what to blame - IE or some bug in UniGUI.

Also I put md5 function in separate js file, because when I tried to paste it inside UniHTMLFrame it generates error in some core unigui js file, I guess it doesn't handle well several characters there.

 

the demo very good!!

 

If I select any elements (call ajaxRequest) and close window, it won't open again and shows random ajax errors.

-----

solved?

 

thx.

  • 3 weeks later...
Posted

CustomAjax.rar

I made a demo app which has encrypted login form and checklistbox together. Password is 'test'.

 

To Farshad:

However, there are some troubles with IE (in FF its ok). If I select any elements (call ajaxRequest) and close window, it won't open again and shows random ajax errors.

I don't know what to blame - IE or some bug in UniGUI.

Also I put md5 function in separate js file, because when I tried to paste it inside UniHTMLFrame it generates error in some core unigui js file, I guess it doesn't handle well several characters there.

I try to modify

  • Upvote 1
  • 7 years later...
Posted

 

Hello, do you know any option to encrypt passwords more secure than those described here? I would like advice on applying an encryption of passwords that do not have to decrypt. I would like advice on applying an password encryption  that you do not have to decrypt later.

Thanks

Posted

I'm not sure it's worth protecting the password. Intruder can catch any hash and can successfully login later. SSL is better, all traffic can be encrypted.

Posted

Zilav: 

Parece melhor com uma chave de segurança aleatória e um controle de edição padrão em vez de ...

CustomAjax-Rev1.rar

 

ATTENTION!

I forgot to clean Edit before sending ....
Here's the fix:

 

Const js =  'function keydown(sender, e, eOpts) '+
            '{ var event = e; '+
            '  if (event.keyCode == 13) { '+
            '  var v = this.value; '+
            '  this.setValue(""); '+
            '      ajaxRequest(@frm@,"LoginEvent",["password="+MD5("@key@"+v)]); '+
            '  } }';

 

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...