Login info going as plain text - How to make it unreadable

Question

I'm doing a login form that uses jquery to pass data from the form to the script and back. I've noticed the email and password are being sent as plain readable text. I also noticed that in other site like this very one, or gmail or others, the login info isn't readable like mine is. How can I do this? Somehow, sending this info as plain text doesn't look very... professional.

Answer 1

you have several options here:

1. Use HTTPS protocol to send the login informations.

2. You can hash/encrypt your login info on the client side, upload it/process the form, and decrypt and process the login info on your server. SO have several Q/A answers regarding this process:

   • Two-way password encryption without ssl
   • Secure login: public key encryption in PHP and Javascript

However, options #2 is not really an options, if the encryption key are also submitted in plain text over the internet.