Security of the Login Method
0 views
Skip to first unread message
Ed Ferguson
Nov 1, 2007, 4:23:23 PM11/1/07
to DivShare API Developers
The current login method requires that the user's e-mail address and
password be sent in the clear. If that information were intercepted,
the user's account could be compromised. It would be more secure to
have the login method use the MD5 hash of the password. (Instead of
changing the current login method, an additional login method with
password hash could be provided for those concerned about security.)
password be sent in the clear. If that information were intercepted,
the user's account could be compromised. It would be more secure to
have the login method use the MD5 hash of the password. (Instead of
changing the current login method, an additional login method with
password hash could be provided for those concerned about security.)
Ed
Reply all
Reply to author
Forward
0 new messages