What's the best way to hash the user password at the client browser, before sending it to the web server, so that only the hash goes out, not the plain-text password?

EDIT: assuming HTTP is used (not HTTPS)

+2  A: 

Use javascript to calculate the hash. See this for an example on how to calculate SHA-1 hashes in JS.

Beware that if you make yourself dependent on JavaScript, your system will fail as soon as someone has JS disabled. You should use HTTPS if this is a concern to you, which has its own setbacks (e.g. certificates cost money if you want them to be immediately accepted by browsers).

Martin Hohenberg
+1  A: 

Not all people have JavaScript enabled in their browsers and even the idea of sending hashes on a plain-text channel I think is not secure enough.

I would recommend you to consider an SSL-secured connection.

CMS
+2  A: 

Try using this jQuery encryption plugin. Out of curiosity, what's wrong with using SSL/HTTPS and encrypting at the server side?

Traveling Tech Guy
I presume working on plain HTTP
Andy
+1  A: 

This site has quite comprehensive hashing/crypto stuff: JavaScript Encryption Library

o.k.w
+1  A: 

JavaScript side encryption like the jQuery Encryption library stops Eavesdroppers. However, MITM (Man-in-the-Middle) can still occur. SSL/TLS is the ultimate choice that is highly recommended to take unless you are on shared hosting (no dedicated IPs) or your site is receiving so much traffic that you can't simply encrypt all connections (JS, CSS, HTML, ...).

rFactor
A: 

Why would you bother doing this? Effectively, the password hash has become the password, and a man-in-the-middle who intercepts the hash can use it to authenticate and perform any action as the user. On the other hand, if you don't believe in the man-in-the-middle, why not just send the password itself?

erickson
Challenge-response protects against eavesdropping, where you can't alter any data but just listen to it. Since tokens are one-time only, the eavesdroppers will always be late and gain no use of the token.
rFactor
Yes, that's true, I suppose it would stop an eavesdropping-only attacker from discovering the password. But in that case, I'd just use HTTP Digest authentication rather than rolling my own.
erickson