Revision [1018]
This is an old revision of RalfLehmann made by RalfLehmann on 2004-08-17 19:20:31.
--Ralf Lehmann
Actually, I do have to say something now. :)
I was wondering if anybody else has thought about letting "the wiki" encrypt (MD5, of course) the password using javascript prior sending it (the password) to the server? I'm aware that this would require the client to have javascript enabled (doh!) and there are probably some issues I'm not yet aware of but there *might* be a smart solution that works for clients with/without javascript enabled... I haven't checked out each and every Wiki or CMS software (or you-name-it) yet to see how others handle it, though... ;)
edit: I'm not sure if this would really increase password's security in general. At least it wouldn't be sent unencrypted over the network anymore in case javascript is available...
Just let me add two links to some javascripts (pretty easy to find by searching for "md5 javascript" ;):
http://pajhome.org.uk/crypt/md5/ (english page; BSD license)
http://aktuell.de.selfhtml.org/artikel/javascript/md5/ (german page; free for any purpose)
--RalfLehmann, 2004-08-17
