[eluser]patbert[/eluser]
Hello. I am a bit of a simpleton here.
I have installed 1.1 and I am slowly trying to build a login/registration system.
It has occurred to me that if I just have my login form submit the username & password without ssl that the password will just be sent in plain text, no? To get around this I would have to have a javascript function that hashes the password in a manner that will exactly match the password hash that is in the db?