|
Sean Davis
sdavis2 at mail.nih.gov
Tue Oct 10 02:46:34 EDT 2006
On Tuesday 10 October 2006 07:52, durumdara wrote: > Hi ! > > I need to use restricted areas. > The user can login by a common usr/pwd form. > > But I want to protect the password. Basically the data/content is > travelling in uncoded form on the net. > If anyone use an interceptor utility, he/she can see the user names, and > passwords too... > > I know that banks are used https (ssl) for avoid auth. problems. > > The gmail is use very simple https/ssl trick - it is use this slow > method for login only, and later it use normal http connection. > > First question: > Anyone knows about a method that I can safely use for password protection ? > > Next: > If not, how to build a simple https subsite to login safely (after this > I will use normal http). You'll need to set up ssl for your server. http://httpd.apache.org/docs/2.0/ssl/ Sean
|