top | item 2652397 (no title) badmonkey0001 | 14 years ago POST can be sniffed and is only slightly less vulnerable than GET. HTTPS at a dedicated address should be a minimum level of security for a login form. Anything else is readily vulnerable to sniffing or spoofing. discuss order hn newest stcredzero|14 years ago Properly implementing hashed passwords with challenge-response will protect your login, though your session information can still be sniffed.
stcredzero|14 years ago Properly implementing hashed passwords with challenge-response will protect your login, though your session information can still be sniffed.
stcredzero|14 years ago