Flash Security
- Started
- Last post
- 6 Responses
- DL
How secure are the login sections on flash sites? Is it easy to break?
What would you say.
- sp0
dunno. guess it depends on how secure you make it?
are you storing the passwords, encrypted in a sql database or as plain text in a flat file?
one is inherently more secure than the other...
- unfittoprint0
if it interacts via php, with mc5 encryption saved in a MySQL database you can say is (reasonably) safe.
- DL0
ok. i wish i had more experience with flash, i would probobly understand better what you said.
mc5 is ... ?
- vena0
he means md5. according the the rfc:
The md5 algorithm takes as input a message of arbitrary length and produces as output a 128-bit "fingerprint" or "message digest" of the input. It is conjectured that it is computationally infeasible to produce two messages having the same message digest, or to produce any message having a given prespecified target message digest. The MD5 algorithm is intended for digital signature applications, where a large file must be "compressed" in a secure manner before being encrypted with a private (secret) key under a public-key cryptosystem such as RSA.
- vena0
an md5 fingerprint cannot be reversed, so basically it's a one-way encryption.
regardless, passwords are often sent to the authentication system in plaintext (unless the server uses SSL), which can be intercepted.
- DL0
oh yeah, i'm such a "print weenie"