How to send password securely over HTTP?
Posted 14 October 2018 - 01:55 PM
My question is what is the right way to protect the user and his password against the third party who might be eavesdropping on the communication data?
Posted 15 October 2018 - 04:05 PM
Posted 15 October 2018 - 10:19 PM
You can sort of get away generating one time use passwords, sending them via email or SMS to the end user when they start their logon process. This going to be a huge pain in the neck for both you and your users. Use HTTPS.
Posted 15 October 2018 - 10:35 PM