I deployed a small app on the intranet and noticed that the username and password are transmitted in plain text (using a tool WireShark, http://www.wireshark.org/).
Here is my setup: 2.8.2-stable+timestamp.2013.11.28.13.54.07 (Running on Rocket 1.2.6, Python 2.7.6) Database: Postgresql So, I checked the model and noticed that my auth did not include hmac_key. So, I changed that to auth = Auth(db, hmac_key=Auth.get_or_create_key()) But, this did not help either. What should I do to make sure that user's passwords are transmitted as encrypted? Thanks, PT -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
