redho home | products | services

Programming Forums


Community for Java, PHP, Perl C, ASP and Python programmers

Ask your IT question here

Programming Forums
FAQFAQ MemberlistArchive Log inLog in RegisterRegister

mail server security


Goto page Previous  1, 2, 3
 
Post new topic   Reply to topic    Programming Forums -> HTML forum
View previous topic :: View next topic  
Author Message
Ikopar
Enthusiastic Coder


Joined: 26 May 2006
Posts: 168
No, the key could match on the server, it could be stored both places
It has to be send originally though, bah
Security is hard
Roombor: can i limit access to a page so that only other pages on my domain can access them? because that way they couldn't send the hash directly to the page, it's a JSP in this case

Reply with quote
 
Roombor
Enthusiastic Coder


Joined: 02 Jun 2006
Posts: 111
maybe the random key thing will work
If you store the pass md5 encrypted server side + some random generated key
On the client side encrypt it once with the normal key, and encrypt the hash with the random key
Send it back to the server, on the server encrypt the hash with the random key, compare and generate a new random key
If they sniffed the hash it will be useless since the random key has changed
Reply with quote
 
Ikopar
Enthusiastic Coder


Joined: 26 May 2006
Posts: 168
thanks, you've given me some good ideas
Reply with quote
 
Roombor
Enthusiastic Coder


Joined: 02 Jun 2006
Posts: 111
;)
Reply with quote
 
Page 3 of 3 Goto page Previous  1, 2, 3
Post new topic   Reply to topic    Programming Forums -> HTML forum


Dubai Forums - Expat Help | Vegan Chat | Java Programming | Free 3D tutorials and 3d textures | Paris Forum | EU Forum
Free Dubai Classifieds | Free London Classifieds | Jobs in London

High Quality, Custom 3d animation and Web Design solutions Royal Quality Web Hosting Services Vegetarian and Animal Rights news

Powered by phpBB © 2001, 2005 phpBB Group