security - How to send password securely over HTTP? -
If a form is submitted on the login screen user with their username and password, then the password is sent in plain text (Even with the post, suggest my mistake if I'm wrong).
The question is, what is the right way to protect the user and his password against third parties, which may be hidden on the communication data?
I know that HTTPS is a solution to the problem, but is there any way to ensure at least some level of security by using the standard HTTP protocol (post request)? (Possibly in some way javascript)
edit I may have left some important things.
What I had about this page - This is the PHP generated login page, which is sent as an HTML file to the user in the HTTP GET request. There is no connection between the server and the client (@Jeremy Powell) connection, so I can not create such a hardware protocol. And I want to make the whole process transparent for the user - he wants to submit a password, do not want to deal with cryptography.
Thank you.
Comments
Post a Comment