Shareittips.com

Computer & IT Tips By Akash Padhiyar

Dec
02

AJAX Login System using XMLHttpRequest

Posted by Akash Padhiyar 0 Comment

Creating a secure login system using XMLHttpRequest

This is an example of a login system that does not require page refreshes, but is still very secure.

  • Valid usernames and passwords for this demo are
    • user1/pass1
    • user2/pass2
  • Try these, and also incorrect passwords to see the results.

Please note that this is not a functional form, your input will not go anywhere. It is solely for demonstrating an XMLHttpRequest login system in javascript.

Advantages :-

  • User does not need to refresh the page to login.
  • User is notified instantly on incorrect username/password combination.
  • Overall user experience is more seamless
  • Password is not sent in plain text ever (more secure than traditional system).
  • Javascript convenience with server-side security (uses PHP/MySQL).
  • Uses one-time use random seed to hash the password before sending (making interceptions useless).

Disadvantages :-

  • System is more prone to brute force attacks.
    • Can be minimized by adding a delay after a certain number of attempts per username or per client.
  • User may expect a login button.
    • One could still be added without reloading the page.
  • Older versions of Safari cannot disable a password field.
  • This code uses the MD5 encryption algorithm.

Akash Padhiyar

I am Akash Padhiyar Founder of Shareittips.com,BCA MCA Tutor ,Running Web development compnay "AkashInfoTech".

More Posts - Website - Facebook

Share
Categories: Ajax, Other Stuffs

Leave a Reply


Google Search

Popular Posts

Web Designer vs Web

This Infographic explain you what is role of Web Designer and ...

Download Bluestack Offline

Download BlueStack O

Download BlueStack Offline  BlueStack is software in which you can run ...

FireCMD user interface

Command Prompt (cmd.

Serious geeks spend a lot of time at the command ...

Sponsors