CGI question: safe passwords possible?
Paul Rubin
http
Sat May 31 07:30:09 EDT 2003
Gerhard Häring <gh at ghaering.de> writes:
> That's why I recommended to use digest authentication.
>
> See http://httpd.apache.org/docs/mod/mod_auth_digest.html
>
> It implements a similar algorithm that your proposed JavaScript
> gimmick did. Only that it works with all modern browsers, JavaScript
> enabled or not and that it's a standard.
Javascript has better browser coverage than digest auth, from what I
can tell. I would not seriously advise using either, but if I had to
choose one I'd use Javascript. A lot of people still use older
browsers which don't support digest auth but do support javascript.
I really think the OP should say more about what he's doing. If his
security requirements are bad enough that he needs to worry about
passwords being captured, he may have much worse problems that he
doesn't know about yet.
More information about the Python-list
mailing list