Quote:
|
The problem with that is that if they sniff packets they can pull out the md5, and even though they can't get it back out, they can send it already hashed. Of course, we could defeat that with a salt, but SSL would still be far more secure.
|
No, don't try to make the client hash the password before sending it up. Send the password encrypted, but using something that can be decrypted. SSL would be perfect because the keys are dynamically generated, and the server would be able to decrypt the block once it got it. Then, using the (now decrypted and now plaintext) password, the server compares a hash of it to the hash you have in the user database, to see if the password is correct.