Jqueryui.info - Should I do password hashing before or after submitting post data?

24th of June 2013 0

Should I do password hashing before or after submitting post data?

I’m trying to create a login form. My original plan was that after dumating submitting the password through an HTML form, I would then hash and salt the password then store them in the database. Is it better idea to hash the password first so what gets submitted in the postdata is already hashed? Would it be more secure or is it a waste of time? Is this possible in javascript/jquery?

Best answer:

Answer by gjmb1960
if you send and store a hashed password then there is no use to hash it. because if some-one reads the hashed password from the database, he can use that hashed password, even without unhashing it.

if you send a plain password and store it hashed in the database it is a bit safer, because you will first need to unhash the password before using it.

still better is to send an unhashed password over httpS(ecure) and store it hashed in the database.
the ssl protocol with encrypt the password transparently for you.

Know better? Leave your own answer in the comments!

Share it!

Was it good for you to?

Sponsors

Support for the site!

No sponsors at the moment.



Your opinion matters. Add it below.


Tip: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Recent comments

Categories



Copyright jqueryui.info since 2010. All rights reserved. Design and the Absolute Theme by Tommie Hansen.