We have a simple HTML page which includes one form with two fields: username & password.
The form submits to a PHP page.
When I post the form, the password should be encrypted not as a plain text.
If a user enters password as “abc”, then after post & get that value it should be encrypted.
We have a simple HTML page which includes one form with two fields: username & password.
The form submits to a PHP page.
When I post the form, the password should be encrypted not as a plain text.
If a user enters password as “abc”, then after post & get that value it should be encrypted.
Share Improve this question edited May 1, 2016 at 14:41 dakab 5,92510 gold badges46 silver badges70 bronze badges asked Aug 21, 2012 at 9:11 JacksonJackson 1,5344 gold badges29 silver badges67 bronze badges 1- Why do you need to have your form work this way? If you want enchanced security, wouldn't it be better to use an HTTPS connection for your website? – Jocelyn Commented Aug 21, 2012 at 9:14
1 Answer
Reset to default 4You can't encrypt a password for transmission...
unless you use SSL.
If you don't use the https protocol, it won't be encrypted.
You can encrypt the password for storage at the server. That means that it can't be decrypted once stored, and therefore, the user can't get the plaintext password back.
However, if somebody intercepts the transmission, the password will be plaintext unless SSL is used. If you use SSL, you need to pay to get an SSL certificate.
Alternatively, you can create a self-signed SSL certificate. However, many browsers will plain and tell the user it is an insecure site, until the user clicks to confirm that they want to visit the site, even though it is insecure.
Otherwise try http://www.cacert/ for free SSL certificates. But free certificates are normally still not well recognized by browsers.