andrewbadera
Programmer
hello-
looking to implement a secure-as-reasonable user signup and login process. I intend to carry out all user information and password interactions under SSL; I'm debating implementing MD5 hash clientside and passing the result of hashing the password to the DB and store the MD5 hash vs. simply passing the password cleartext, under SSL, and storing the password as an SHA hash in my SQL Server database.
any pros or cons to these options?
looking to implement a secure-as-reasonable user signup and login process. I intend to carry out all user information and password interactions under SSL; I'm debating implementing MD5 hash clientside and passing the result of hashing the password to the DB and store the MD5 hash vs. simply passing the password cleartext, under SSL, and storing the password as an SHA hash in my SQL Server database.
any pros or cons to these options?