nightzeus
asked on
Login form - packet sniffer
Does my web site login have to be on a secure server or otherwise be easily vulnerable to hackers? I noticed some big name web sites logins are not on a secure server, so does the mean they are risking packet sniffers hackers?
How much risk is there not having your login on a secure server?
Thanks
How much risk is there not having your login on a secure server?
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Depends on where you're sniffing from. You'd have to sniff somewhere between the user and the location of the server itself. SSL is intended to make that hard for someone trying to be somewhere in the middle by encrypting the data. But here's the major question: what is the value of the data being transmitted? You don't want to spend too much more than what it's worth protecting it.