Hi everyone! I'm sorry if this has been answered before, but I had a look and couldn't find it.
Is it normal that in the registration/login/changepassword process, the password is transmitted in clear text(POST Variable)? My main worry, is that any scriptkiddy can fire up a sniffing program and capture the password. For the moment I've put the site under SSL, but this is far from optimal. Is there a feature/component/"hack" that will encrypt the password during these processes? Thanks in advance, David --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
