- Joined
- Jul 20, 2010
- Messages
- 1
Not only are the input fields for passwords not marked as password (therefore it's not hidden to prying eyes) but I suspect they aren't being encrypted. Most people use their passwords for multiple websites so this is really dangerous, especially when coupled with an email address.
To fix this mark any input field with the type "password" and then store passwords as md5 hashes.
To fix this mark any input field with the type "password" and then store passwords as md5 hashes.