defunct (thegreatdark) wrote in lj_dev,
defunct
thegreatdark
lj_dev

MD5 hashes vs plaintext passwords

Is it possible to create MD5 hashes on a Windows C++ client, example being the LiveJournal client?

If so, would it not make more sense to send the MD5 hash over HTTP POST (to login, etc) instead of the plaintext password? (I'm assuming plaintext; I'm damn sure it's plaintext)

Bad examples being -- someone accesses their LiveJournal on company time. Net admin sees this and forwards it to whoever. They, in turn, delete the person's LiveJournal. I mean, that's an extreme scenario, but it could happen. (Though chances are they'd fire someone before doing that)

I've heard numerous accounts of people saying their boss / company made them delete their LiveJournal. If the company could do it on their own...

Not to mention general security. Packet sniffers are no man's friend. (Well, unless I want your password, but that's a different story, isn't it?)
Subscribe

  • cl-journal livejournal client

    Hey everyone, I'd like to present a livejournal client that I wrote to fulfill my needs but maybe there are other people that can find it…

  • SessionGenerate and ljloggedin

    Are there any information after release 86 and changes in cookies scheme to use sessiongenerate? It returns ljsession key, but this key is not enough…

  • Retrieving comments

    Hi, Is there a way to retrieve a list of comments made by user XXX (which may or may be not the currently logged in user) in the journals of users…

  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 19 comments

  • cl-journal livejournal client

    Hey everyone, I'd like to present a livejournal client that I wrote to fulfill my needs but maybe there are other people that can find it…

  • SessionGenerate and ljloggedin

    Are there any information after release 86 and changes in cookies scheme to use sessiongenerate? It returns ljsession key, but this key is not enough…

  • Retrieving comments

    Hi, Is there a way to retrieve a list of comments made by user XXX (which may or may be not the currently logged in user) in the journals of users…