Closed (fixed)
Project:
Drupal core
Version:
7.x-dev
Component:
user.module
Priority:
Normal
Category:
Feature request
Assigned:
Unassigned
Reporter:
Created:
11 Jul 2008 at 10:52 UTC
Updated:
8 Oct 2010 at 02:23 UTC
--- Sorry if it has any bad English, I'm Thai!
The username/password from login form is sent in plan text, and it is security hole! If we can make it more secure by adding MD5/SHA1 to it by using some JS Library on http://pajhome.org.uk/crypt/md5/. It can encrypt text in javascript and it's very fast! It's result was as same as PHP MD5()/SHA1() function (for hex_md5(),hex_sha1()).
If you can integrated this JS library to Drupal, it would be great!
Comments
Comment #1
lilou commentedFeature request go to HEAD.
Comment #2
marcingy commentedWe no longer send passwords