Safest way to send username + password? [AJAX]

Post reply

❤Follow Topic(13)

0 favourites

38 posts
- 1
- 2
- 3

- Lordshiva1948
- - Joined 11 Feb, 2013
  - 2 topics • 2,048 posts
- 1
- 1 Jun, 2016
- Quote
lennaert someone else is pointing out what I was saying. I seen more christmas then you had since you had your nappy changed lennaert
- Toby R
- - Joined 23 Mar, 2015
  - 118 topics • 1,140 posts
- 1
- 1 Jun, 2016
- Quote
Well it's not really true that everything can be hacked. Of course your "system" security is not only encryption of data transfers, but your server setup, gateway, firewall, browser and bunch of other things depends on the system.

But these are usually pretty well done. It's not the weak encryption of data which usually fails. It's human who usually fails. Let's take Kevin Mitnick for instance. He is considered the most famous hacker in the world. There are books and movies about his life. Even such a guy as Kevin wasn't always able to crack/hack things in let's call it "digital way". He was doing more personal tricks. He talked to lady who was working in some company to get some information in a tricky way etc. So hacking is much more than fighting with encryption, scanning ports, sniffing network etc.

I am not an expert in security but as I am aware there is still no super computer in the world which can break 8-character UTF password encrypted with some one-way encryption like SHA1 during average man's lifetime. So there is no way to actually crack encrypted data, but there are ways to by-pass encryption.

What is usually enough to sleep stressless is SSL + params salted encryption with API-KEY. Companies from around the world use it by default for their webshops etc. This is a standard which is simply enough for e-commerce so I am sure it is enough for indie game industry as well. Just don't leave your data transfers plain text and you're quite fine .
Try Construct 3

Develop games in your browser. Powerful, performant & highly capable.
Try Now Construct 3 users don't see these ads
- lennaert
- - Joined 8 Oct, 2013
  - 94 topics • 2,110 posts
- 1
- 24 Jun, 2016
- Quote
lennaert someone else is pointing out what I was saying. I seen more christmas then you had since you had your nappy changed lennaert

Great that you compare christmas and nappies with computer science knowledge ...

Everyone llkely has a super computer and is interrested in the childish stuff you post. rofl

I have likely forgotten more about computer science and programming then you have ever understood on the subject .....
- Lordshiva1948
- - Joined 11 Feb, 2013
  - 2 topics • 2,048 posts
- 1
- 24 Jun, 2016
- Quote
you took your time answering post comments? Was you searching for Ashley to back you up
- lennaert
- - Joined 8 Oct, 2013
  - 94 topics • 2,110 posts
- 1
- 24 Jun, 2016
- Quote
you took your time answering post comments? Was you searching for Ashley to back you up

Nope, I was enjoying life instead of pretending to know and understand things like yourself, on a forum where you think portraying yourself as such is important

... shiva would be proud of you, hehehe
- Lordshiva1948
- - Joined 11 Feb, 2013
  - 2 topics • 2,048 posts
- 1
- 24 Jun, 2016
- Quote
lennaert nope I am not important and for your info Shiva is proud of you too. He bless you and your loved one too in health and wealth
- KitsuSenpai
- - Joined 20 Feb, 2015
  - 8 topics • 74 posts
- 1
- 24 Jun, 2016
- Quote
I would like to know if 2 step authentication like this or this would be possible in any way, that would it make really hard to steal accounts.

[EDIT:]

This and this one are even open source, so a plugin for construct would be a nice addition
- gumshoe2029
- - Joined 4 Mar, 2014
  - 31 topics • 1,416 posts
- 1
- 25 Jun, 2016
- Quote
Yea those both work for authentication. Two factor authentication is one of the most secure ways to do authentication.