hide password in traffic and source

[ralphtrent]

Hi
I need to hide or somehow disguise a password that will be on a website on my corp. network. The form ask for our domain id and password and then you can do what it is you need to do. The password is sent in clear text and is visible in the source code because I reuse the password in my code. Is there a way to encrpyt the pwd so that the pwd will not be seen or caught?

Thanks.

 

[winston1983]

One simple way would be to set it to a string variable and make it equal to lots of small strings. This will only eliminate bots collecting the password, but people will still be able to decypher it.

e.g.

dim pword = "p" & "a" & "s" & "s" & "w" & "o" & "r" & "d"

Regards,


Lewis Harvey
lewis@lharvey.com

 

[kosmokramer]

Humm...not sure about ASP, but I know in PHP there is a function called md5() which creates a string 32 characters long. Here's an example password generator (In PHP)

<?php
$String = "This is the text which will be encrypted so that you can create a random password"
$Length = 8; //This determines the length of your password
$String = md5($String);
$StringLength = strlen($String);
srand((double) microtime() * 1000000); //Seeds random number generator
$Begin = rand(0,($StringLength-$Length-1)); //Pick arbitrary starting point
$Password = substr($String, $Begin, $Length);
print("Your password is:<br />$Password");
?>