in reply to Re: web cgi forms data security...
in thread web cgi forms data security...

I'm going to be interested in how you propose to retrieve the data from that digest... since it returns a 16 byte one-way hash of the data. :)

Now, to give you credit, you could at least verify that the people hadn't switched up the data from form to form with this. That isn't an unimportant task and worthy of implementing even if the users decides to go with SSL only and just let HTTP and the browser resend the arguments over and over.

--
$you = new YOU;
honk() if $you->love(perl)

Replies are listed 'Best First'.
Re: Re: Re: web cgi forms data security...
by sgifford (Prior) on Dec 30, 2003 at 21:37 UTC

    That's actually easy to do. Each time the page loads, you just create a massive distributed computing project to try all possible usernames and passwords.

    Might be a little slow, though.

[reply]

In Section Seekers of Perl Wisdom