Hi just wondering how people send password and username in forms … i havent used forms before and now that im working on the backend section i need to create a signup and login and logout … didnt think it would be a problem until i got working on the form …
Problem with the form is it posts allright but the username and password were visible when you go to dev tools to look at the network/ headers tab … and after not finding anything online except about how they should be encoded in base64 … but nothing on how to change the form to do this …
But im am wondering how others approached this … i know i can use oAuth but i want to be able to do signup login logout and to make sure im doing it properly and securely … any advice would be appreciated.
ye i know its just encoded not encrypted … it just seems to be recommendation to encode the username and password so i did.
as for bots thats a problem for another time but will keep it in mind … as it hadnt been something i had considered till you mentioned it. Have read hidden input fields have being used and if they are filled in you know it was a bot … so ill read up on that again and on captcha. Ty ty
yes, the https is a secure connection to the server. The only other issues you might see are related to a new issue with sloppy cert authorities, but that is not under your control since your site is hosted. Only thing you can do is ask who issued the CA and decide if it is worth using them.
This is a big issue and so the CA must be a good source.