|
durumdara
durumdara at gmail.com
Tue Oct 10 03:52:51 EDT 2006
Hi ! I need to use restricted areas. The user can login by a common usr/pwd form. But I want to protect the password. Basically the data/content is travelling in uncoded form on the net. If anyone use an interceptor utility, he/she can see the user names, and passwords too... I know that banks are used https (ssl) for avoid auth. problems. The gmail is use very simple https/ssl trick - it is use this slow method for login only, and later it use normal http connection. First question: Anyone knows about a method that I can safely use for password protection ? Next: If not, how to build a simple https subsite to login safely (after this I will use normal http). Thank you very much for your help: dd
|