Henry Wong wrote:
First of all, MD5 is *not* an encryption library -- as you may have noticed, there is no way to "decrypt" it. Also, it didn't take a password (or keys) which encryption requires.
lekurwale amol wrote:
Hi Henry,
Thanks for your prompt reply. My requirement is : when user enters password in browser, I need to hash/encrypt it before sending to server. On server, I need to decrypt it. So, I am in search of a liabrary, where the 'encryption' is written in javascript and 'decryption' in java. Would be grateful if you provide a reference to such a kind of stuff.
Regards,
Amol
lekurwale amol wrote:My requirement is : when user enters password in browser, I need to hash/encrypt it before sending to server. On server, I need to decrypt it.
Jesper Young wrote:
Note that calculating the hash code on the client side in JavaScript is not a secure solution by itself. Someone could easily send a fake request with a hashed password in it. You should at least use HTTPS instead of normal HTTP to make it more secure.
lekurwale amol wrote:I agree that storing the encrypted one is better but my client requires to store the actual password in DB.
Did you see how Paul cut 87% off of his electric heat bill with 82 watts of micro heaters? |