I'm trying to secure my login method. From an unsecured server, the user enters their login credentials into a standard HTML form, which POSTs to a script on a secure server. This script does all the necessary login functions and sends the user back to the insecure server.

My question boils down to this: is the login information encrypted through SSL before it is POSTed to the secure server, therefore preventing any man-in-the-middle packet sniffing? Or is everything still being sent in the clear, and does the form doing the POSTing have to be hosted on the secure server as well?

Thanks

+1  A: 

If you post over SSL then the information will travel over the wire encrypted and will prevent packet sniffing.

Is it possible to also host the actual login form page on the secure server? That way when the user goes to log in to your site they can see that the login page is secured and they can be confident that their login information will be posted using SSL. Otherwise, the user is presented with an unencrypted page where they are asked to enter their credentials and they have no way (short of viewing the HTML source) to know if their information will be submitted using SSL.

Another question I have is how does the unsecured server "know" that the user has actually been authenticated with the secure server? If it is being done using cookies or a browser redirect (both of which will be unencrypted since the user is being sent back to the unsecured server) then that information will be easily read by anyone on the wire. This could be a security hole where the user's credentials are actually secure but your application/web site is not protected from being accessed by individuals who have actually not authenticated themselves.

Tuzo
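The two points in the answer above (the form page and its action both need to be on HTTPS, and the session cookie handed back to the unsecured server is readable on the wire) can be checked mechanically. The following is an added example, not code from the original thread; the page URL, HTML form and Set-Cookie header are constructed sample values, and `audit_login_flow`, `form_posts_over_tls` and `cookie_exposed_on_plaintext` are names chosen here.

```python
from html.parser import HTMLParser
from http.cookies import SimpleCookie
from urllib.parse import urljoin, urlparse

class _FormActions(HTMLParser):
    """Collect the absolute action URL of every <form> on the page."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.actions = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() == "form":
            action = dict(attrs).get("action") or ""
            # A relative or empty action posts back to the page's own origin.
            self.actions.append(urljoin(self.page_url, action))

def form_posts_over_tls(page_url, html):
    """True only if every form on the page submits to an https:// URL."""
    p = _FormActions(page_url)
    p.feed(html)
    return bool(p.actions) and all(urlparse(a).scheme == "https" for a in p.actions)

def cookie_exposed_on_plaintext(set_cookie_header, name):
    """True if the named cookie lacks the Secure attribute, so a browser will
    also attach it to plain http:// requests to the unsecured server."""
    jar = SimpleCookie()
    jar.load(set_cookie_header)
    return name in jar and not jar[name]["secure"]

def audit_login_flow(page_url, html, set_cookie_header, session_cookie="sid"):
    """Return the three findings a reviewer of this login flow would want."""
    return {
        "form_page_over_tls": urlparse(page_url).scheme == "https",
        "form_posts_over_tls": form_posts_over_tls(page_url, html),
        "session_cookie_exposed": cookie_exposed_on_plaintext(set_cookie_header, session_cookie),
    }

# Constructed sample (hypothetical hosts): an HTTP form page posting to an
# HTTPS login script, which then sets a session cookie without the Secure flag.
SAMPLE_PAGE_URL = "http://www.example.com/login.html"
SAMPLE_HTML = '<form method="POST" action="https://secure.example.com/login.php">' \
              '<input name="user"><input name="pass" type="password"></form>'
SAMPLE_SET_COOKIE = "sid=abc123; Path=/; HttpOnly"

if __name__ == "__main__":
    print(audit_login_flow(SAMPLE_PAGE_URL, SAMPLE_HTML, SAMPLE_SET_COOKIE))
```

For the sample, the credentials themselves go over TLS, but the form page is plain HTTP and the session cookie would be replayed in the clear, which is exactly the hole the answer describes.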