|
| Question about password field encryption (salt) |
 |
Tue, 1 Apr 2008 10:18:46 +0000 |
So, I have a asp.net website with a login prompt using SQL Server 2005 Express,
In my MemberShipUsers database the password field is salted now the question is,
when the password moves through the internet, is the password field always in
the encrypted form or is it in clear text form when moving through the internet
? All common sense would say that it moves in the encrypted form.. but I'm just
checking.
|
| Post Reply
|
| Re: Question about password field encryption (salt) |
 |
Tue, 1 Apr 2008 14:32:35 +0000 |
According the the asp.net docs the password is transfered in plain text. It is
therefore recomended to use ssl on your login page
for more info check out the new security tutorial at
www.asp.net/learn/security
|
| Post Reply
|
|
|
|
|
|
|
|
|
|