Beefy Boxes and Bandwidth Generously Provided by pair Networks
Problems? Is your data what you think it is?
 
PerlMonks  

Re: Encrypting User/Pass sent by WWW::Mechanize

by tomazos (Deacon)
on Sep 19, 2005 at 13:15 UTC ( #493152=note: print w/replies, xml ) Need Help??


in reply to Encrypting User/Pass sent by WWW::Mechanize

It sounds like the web page you are logging onto is using HTTPS (a secure encrypted connection).

You can confirm this by looking at the first part of the Address bar in your web browser when you log into your brokerage account. If it says "https://" at the front, you are using HTTPS. If it says "http://" at the front, you are using an unencrypted connection.

If it does say https, try substituting http in the Address bar of your web browser, and login again. If it doesn't work this means your server only allows encrypted login.

Now check whether your username and pass are submitted via a GET or POST. You can do this by logging into your brokerage account and then look at the first Address after you login. If it contains your username somewhere in it, than it is GETing, if it doesn't than you are POSTing.

Finally if you are POSTing and your server requires HTTPS, and your script in its current form works - than your username and password are already being encrypted by HTTPS and you do not need to do it a second time.

In any case, chances are no-one is going to sniff your password. If a professional wanted to do it - they can always hack the DNS system to setup a fake proxy between you and the server. Several people in Switzerland have had their online banking hacked and money stolen by some Russians just recently using this technique. The banks used timed-sessions over HTTPS and had snail-mailed user IDs and passwords, but they still got through. Feel safe? :)

-Andrew.


Andrew Tomazos  |  andrew@tomazos.com  |  www.tomazos.com
  • Comment on Re: Encrypting User/Pass sent by WWW::Mechanize

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://493152]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others meditating upon the Monastery: (3)
As of 2023-02-05 11:39 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    I prefer not to run the latest version of Perl because:







    Results (31 votes). Check out past polls.

    Notices?