Help coderanch get a
new server
by contributing to the fundraiser
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Login Encryption

 
Greenhorn
Posts: 19
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have a page where the user logs into the system through an iframe. i am encrypting the password field with md5 using javascript when the form is submitted. I have not implemented ssl(https) for the page. Is this secure enough for my page? i fear whether hacking techniques like packet sniffing can still read my encrypted password? I tried implementing ssl for the iframe but i couldnt.
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

I tried implementing ssl for the iframe but i couldnt.


What did you try, and how didn't it work?
 
Arun Christopher
Greenhorn
Posts: 19
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am unable to get the form values in my action(struts) while submitting the iframe form with https. Moreover some javascript functions stop working. Google results also suggests the incompatibility of ssl and iframe. I just want to know whether encrypting a string(password) with md5.js(say) and submitting the form can prevent packet sniffing and related technologies crack or view my password?
[ December 02, 2008: Message edited by: Arun Christopher ]
 
Ranch Hand
Posts: 89
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

encrypting a string(password) with md5.js(say) and submitting the form can prevent packet sniffing and related technologies crack or view my password?


MD5 is a hashing algorithm.It is not meant for encryption.It is a one way function.
 
Arun Christopher
Greenhorn
Posts: 19
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by K Aditi:

MD5 is a hashing algorithm.It is not meant for encryption.It is a one way function.



Hashing algorithms are used for encryption worldwide. MD5 and sha-1 are the widely used ones.
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Hashing algorithms are used for encryption worldwide.


It would be less confusing to say "... for one-way encryption...". Most often the term encryption is used to mean two-way (reversible) encryption, and hashes are not reversible.
 
I found some pretty shells, some sea glass and this lovely tiny ad:
We need your help - Coderanch server fundraiser
https://coderanch.com/t/782867/Coderanch-server-fundraiser
reply
    Bookmark Topic Watch Topic
  • New Topic