
Re: Re-authentication proposal for LedgerSMB 1.3 (HTTP Auth)



On 10/3/07, Chris Travers <..hidden..> wrote:
I think we should separate the issues of storage and transmission.  The password is always stored at some point in browser memory in plain text (for example, when it is entered).  It is always submitted to the server in plain text in the initial login in all of these cases.  So the question is, where is the window of risk and how do we mitigate it.

I have reread some of your old msgs about RESTful programming, and read some tutorials on REST and AJAX last week. Based on my limited understanding, I guess you are thinking to pass the user's application-level username and password from page to page, typically via GET, POST etc., and not use cookies. If that is so, can't the password be encrypted on entry by client-side JavaScript, e.g. via md5 I suppose, and then that string used by backend JavaScript/Perl etc.? The backend code would compare whatever string is passed from the client with whatever is stored (md5 encrypted) in a LSMB USERS table? If this is the case, then no clear text password is ever passed over the network, not even when a new password is entered or changed.
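The scheme sketched in the reply above, as an added illustration that is not code from the LedgerSMB project or from either correspondent: the client hashes the password before it leaves the browser, and the server compares the transmitted digest against the digest it stores. The `USERS` table, the user `alice` and her password are constructed sample data; `client_side_digest` stands in for the browser-side JavaScript and `server_check` for the backend check, both assumed names. The last function makes the storage-versus-transmission point from the earlier mail concrete: because the stored value and the transmitted value are the same string, whatever crosses the wire is itself sufficient to authenticate, so the two windows of risk collapse into one rather than disappearing.

```python
import hashlib
import hmac

# Constructed sample of an application user table as the reply describes it:
# username -> md5 hex digest of the password (no salt, no per-request nonce).
USERS = {
    "alice": hashlib.md5(b"correct horse battery").hexdigest(),  # constructed
}


def client_side_digest(password: str) -> str:
    """What the browser-side JavaScript would send in place of the cleartext.

    Stand-in (assumed name) for the client-side md5 step in the proposal.
    """
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def server_check(username: str, transmitted: str) -> bool:
    """Backend comparison of the transmitted digest with the stored digest.

    Uses a constant-time comparison so the check itself leaks no timing
    information about how many leading characters matched.
    """
    stored = USERS.get(username)
    if stored is None:
        return False
    return hmac.compare_digest(stored, transmitted)


def set_password(username: str, new_password: str) -> None:
    """Password change path: the client again sends only the digest."""
    USERS[username] = client_side_digest(new_password)


def wire_value_equals_stored_value(username: str, password: str) -> bool:
    """The caveat: under this scheme the transmitted digest IS the stored
    credential, so protecting it in transit and at rest is one problem,
    not two."""
    return client_side_digest(password) == USERS[username]


if __name__ == "__main__":
    digest = client_side_digest("correct horse battery")
    print("login with digest:", server_check("alice", digest))
    print("login with cleartext rejected:", not server_check("alice", "correct horse battery"))
    print("wire value == stored value:", wire_value_equals_stored_value("alice", "correct horse battery"))
```

Run as a script it walks through a login, a rejected cleartext submission, and the equality check; the stored digest is never the cleartext password, which is the property the reply is after, but it is exactly the value that the client transmits.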