[wp-hackers] Client side password encryption
howard chen
howachen at gmail.com
Sun Mar 16 10:08:41 GMT 2008
On Sun, Mar 16, 2008 at 5:27 PM, Viper007Bond <viper at viper007bond.com> wrote:
> So I've been playing around with
> http://wordpress.org/extend/plugins/semisecure-login/
>
Personally, even if you encrypt the password at client side using md5,
it is still subject to replay attack.
A better system would be: http://pajhome.org.uk/crypt/md5/auth.html
Howard
More information about the wp-hackers
mailing list