rejetto forum

Encrypt password between client and server

0 Members and 1 Guest are viewing this topic.

Offline NaitLee

  • Occasional poster
  • *
    • Posts: 86
  • Computer brained boy
    • View Profile
Currently when we change our password, the password sent to client is not encrypted.
When we login, the password is dealt with sha256. But if hacker hijacked the result, he can still do things with correct ajax method.

So beside https, how to get the best effect of encryption between client and server?
I think, The message sent between client and server should be hard to deal.
And we should find a way, to send password/encryption-related message without/cannot fully seen by hacker.

Scripting command: Data manipulation maybe useful as there are some mathematical things.
Additionally, {.get account||password.} can get original password, {.sha256|A.} can make it undiscoverable, {.time|yyyymmddhhMMss.} can get a timestamp...

Anyone can share a bit suggestions? :)
Thanks for noticing me :D , I'm just someone normal like others here :D
But don't forget to check out my template ;P


Offline Mars

  • Operator
  • Tireless poster
  • *****
    • Posts: 1987
    • View Profile
Currently when we change our password, the password sent to client is not encrypted.
When we login, the password is dealt with sha256. But if hacker hijacked the result, he can still do things with correct ajax method.

So beside https, how to get the best effect of encryption between client and server?
I think, The message sent between client and server should be hard to deal.
And we should find a way, to send password/encryption-related message without/cannot fully seen by hacker.

Scripting command: Data manipulation maybe useful as there are some mathematical things.
Additionally, {.get account||password.} can get original password, {.sha256|A.} can make it undiscoverable, {.time|yyyymmddhhMMss.} can get a timestamp...

Anyone can share a bit suggestions? :)

look at this post
http://rejetto.com/forum/index.php?topic=13326.msg1066139#msg1066139