Hello all, I have written some php-based internal systems for our users. Users are required to authenticate to access this system, and their login determines what they are allowed to do within the system. I am concerned that their logging in with cleartext passwords is a security risk. I work in a K-12 school enviroment, and many of these students are rather devious and resourceful (as I was at that age :) ). My fear is some bright student setting a sniffer up on my network and gleaning passwords from it.
I am wondering if any of you have had similar problems. What is a more secure way for people to login? Is SSL an option, and if so, how do I go about using it? Do I have to purchase a certificate? Or is there some other option? Finally, should I be using .htaccess at all, or is there a better way? Thank you in advance for your advice. Tom Dominico Technology Coordinator Parlier Unified School District -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
