Computer & IT Tips By Akash Padhiyar


AJAX Login System using XMLHttpRequest

Posted by Akash Padhiyar 0 Comment

Creating a secure login system using XMLHttpRequest

This is an example of a login system that does not require page refreshes, but is still very secure.

  • Valid usernames and passwords for this demo are
    • user1/pass1
    • user2/pass2
  • Try these, and also incorrect passwords to see the results.

Please note that this is not a functional form, your input will not go anywhere. It is solely for demonstrating an XMLHttpRequest login system in javascript.

Advantages :-

  • User does not need to refresh the page to login.
  • User is notified instantly on incorrect username/password combination.
  • Overall user experience is more seamless
  • Password is not sent in plain text ever (more secure than traditional system).
  • Javascript convenience with server-side security (uses PHP/MySQL).
  • Uses one-time use random seed to hash the password before sending (making interceptions useless).

Disadvantages :-

  • System is more prone to brute force attacks.
    • Can be minimized by adding a delay after a certain number of attempts per username or per client.
  • User may expect a login button.
    • One could still be added without reloading the page.
  • Older versions of Safari cannot disable a password field.
  • This code uses the MD5 encryption algorithm.

Akash Padhiyar

I am Akash Padhiyar Founder of,BCA MCA Tutor ,Running Web development compnay "AkashInfoTech".

More Posts - Website - Facebook

Categories: Ajax, Other Stuffs

Leave a Reply

Google Search

Popular Posts

Bigrock Hosting Prom

Bigrock Hosting PromoCode October 2016 HOSTING FEST! Flat 40% Off! Festivities ...

DotCom Domain Name a

DotCom Domain Name at Rs.99 Bigrock .Com Promocode end date for ...

Web Designer vs Web

This Infographic explain you what is role of Web Designer and ...