Re: Proposal for Lite Encryption for Login Form without SSL

C. (http://symcbean.blogspot.com/) wrote:
On 2 Oct, 17:01, klenwell <klenw...@xxxxxxxxx> wrote:
On Oct 2, 5:53 am, "C. (http://symcbean.blogspot.com/)"
<snip>
C.
C.,

Do you mind outlining the iframe method you use?

Thanks,
Tom

Page has form with input fields for username and password, a button
and and a hidden iframe (uninitialized).
User fills in username and password, clicks a button. Button calls
javascript to set the location of the iframe passing username as a GET
parameter. This location is a PHP script which generates a javascript
which is sent to back to the browser, with $s_u and $s_s. Javascript
retieves current password value from outer window and hashes it, then
puts the value back into the password field and submits the form.

C.


How much more complicated do you want this? Never mind that it won't work for those with javascript disabled.


--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@xxxxxxxxxxxxx
==================
.

Loading