Sha1?
Printable View
Sha1?
Hi,
I'm not sure what you're asking Alloy, I use salted SHA1 for my database and test it using fiddler security debugger.
The passwords are readable from Flash over http unless you encrypt them within flash before sending to the php file.
http://www.telerik.com/fiddler
and if you already use fiddler you can see the data encrypted here on my test dbase - http://fruitbeard.net/dbase/
only the users password is visible over http headers not the whole db correct? I dont see why flash would access my whole database if php is handling all the data
amazing site by the way
Hi Alloy,
What I'm saying is that if you are sending a password from flash to php for it to be encrypted, then it is readable ( not encrypted ) before it gets encrypted.
Passing it over to the php file from flash already encrypted is much more secure.
No, Flash does not access your database, the php file is doing that.
I'm just saying that you might want to encrypt the password inside flash and then send it to the php file, which will place it in the database.
Apparently google are trying to persuade people to use SHA256 or other encryption methods and stop using SHA1, look it up.
Good idea, i will do that soon than for added security, your site improved alot from 3 years ago when it looked like mac lol, only thing I dislike about it that you never fixed was the mouse can lose focus if it drags a window to quickly
Hi,
Whats the rush, drag it slowly.
But I could change that.
true, but still, better to just have it right, id be on your site all day if i can load up a youtube video on one of those windows btw
nice you fixed it
Hi,
I didn't fix it Alloy, I merely changed it, big difference.
I'm touched by your kudos, ta.