+ 6

When making a password protected site how do you hide the password in your code so that people reading your code do not see it

Hiding your password

29th Nov 2018, 7:55 PM
Abraham
Abraham - avatar
12 Answers
+ 5
In what scenario would you include a password in code that is accessible to people?
30th Nov 2018, 12:02 AM
David Carroll
David Carroll - avatar
+ 4
👍
29th Nov 2018, 8:06 PM
Abraham
Abraham - avatar
+ 4
Thx
30th Nov 2018, 12:26 AM
Abraham
Abraham - avatar
+ 4
Hiding the password in the code
30th Nov 2018, 7:21 AM
Abraham
Abraham - avatar
+ 4
If you look at my codes its called password .2
30th Nov 2018, 7:50 AM
Abraham
Abraham - avatar
+ 3
Okay... I understand. This is for a simple exercise in Code Playground and nothing for a real world application. One option to consider is a one way hash script. Use this one way hash script to hash the password you plan to store in your code. So... Instead of using: const pasword = "123"; You would store the hash value: const hashedPassword = "202cb962ac59075b964b07152d234b70" This hash was generated using the following link: https://blueimp.github.io/JavaScript-MD5/ Next, the script used to create this hash would need to be in your code. This will be used to hash the user input password before comparing with the password in the code. Example: if( hashedPassword == hashThis(txtPassword) ) { ... } I hope this helps.
30th Nov 2018, 8:25 AM
David Carroll
David Carroll - avatar
+ 1
donykage Boss I'd further clarify that POST over SSL and GET with Request Body over SSL are the preferred methods for submitting sensitive data. However, this is for submitting data, not hiding passwords in code. Abraham Are you asking about submitting passwords or hiding passwords in code?
30th Nov 2018, 7:15 AM
David Carroll
David Carroll - avatar
+ 1
You want the password to be encrypted, usually no reason to add password directly
17th Jan 2019, 8:28 AM
Markpeach96
Markpeach96 - avatar
0
You want to encrypt your password so even if people see the encrypted password they can't do anything with it :)
29th Nov 2018, 11:38 PM
Schindlabua
Schindlabua - avatar
0
On one of our old company ftp servers we had a passwords.txt with plaintext passwords of every user just chilling on the desktop. :D
30th Nov 2018, 12:09 AM
Schindlabua
Schindlabua - avatar
0
consider the method in your form, method=“post”, this will hide ur code. place encryption method in your dbase
30th Nov 2018, 12:10 AM
Donykage
Donykage - avatar
0
Abraham Can you explain the scenario where you would have passwords in code?
30th Nov 2018, 7:44 AM
David Carroll
David Carroll - avatar