如何在使用AJAX发送密码时保护密码？ [英] How to secure the password while it being sent using AJAX?

问题描述

我正在尝试保护用户的密码，但我注意到提交表单时发送的标题信息对所有人都可见。它是安全的还是有办法保证它的安全？我知道如何在JS中添加md5到密码，但MD5不再安全，我不能在JS中添加一个盐，因为每个人都可以找到盐是什么。那么你有什么建议呢？我想我很快就会在我的网站（https：//）上使用SSL，但我不确定，所以我需要另一种方法来保证通信安全。即使我有一个SSL，所以它来自HostGator的商业计划，如果我没有弄错， SSL不能在移动设备上运行。 （使用AJAX通过帖子发送的表格）。

I'm trying to keep user's password secured, but I noticed that the header information send while submitting the form is visible to everyone. Is it secure or is there a way to keep it secure? I know how to add md5 to the password in JS, but MD5 isn't secure anymore and I can't add a salt with JS because everyone can find out what the salt is. So what are you suggesting to do? I think that soon I'll have a SSL to my website (https://), but I not sure, so I need another way to keep the communication safe. And even if I'll have an a SSL, so it is from the business plan of HostGator, and if I'm not mistaken, the SSL doesn't work on mobile. (The form sent via post using AJAX).

推荐答案

AJAX无关紧要。

保护登录页面的唯一方法是使用SSL或TLS，它可以在现代移动浏览器上正常工作。

The only way to secure your login page is to use SSL or TLS, which work fine on modern mobile browsers.

这篇关于如何在使用AJAX发送密码时保护密码？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！