Last modified: 2013-06-18 16:44:18 UTC

Wikimedia Bugzilla is closed!

Wikimedia has migrated from Bugzilla to Phabricator. Bug reports should be created and updated in Wikimedia Phabricator instead. Please create an account in Phabricator and add your Bugzilla email address to it.
Wikimedia Bugzilla is read-only. If you try to edit or create any bug report in Bugzilla you will be shown an intentional error message.
In order to access the Phabricator task corresponding to a Bugzilla report, just remove "static-" from its URL.
You could still run searches in Bugzilla or access your list of votes but bug reports will obviously not be up-to-date in Bugzilla.
Bug 20187 - Encrypted login with JavaScript to reduce password-sniffing risk for HTTP sites
Encrypted login with JavaScript to reduce password-sniffing risk for HTTP sites
Product: MediaWiki
Classification: Unclassified
User login and signup (Other open bugs)
All All
: Low enhancement (vote)
: ---
Assigned To: Nobody - You can work on this!
Depends on:
Blocks: 9816
  Show dependency treegraph
Reported: 2009-08-11 23:04 UTC by Brion Vibber
Modified: 2013-06-18 16:44 UTC (History)
4 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Description Brion Vibber 2009-08-11 23:04:35 UTC
We've done the occasional experiment based on using client-side hashing of the password, but implementing it means you have to be very careful about how you implement your password hashing and internal salting.

Greg Maxwell pointed out this cute little JavaScript RSA library:

Using something like this would allow for submitting the password encrypted using a public key from the server; while this would not protect against any sort of active attack, it would prevent local network traffic sniffing from seeing plaintext passwords.

(Note that while an HMAC could help protect against replay, but you're still stuck with session hijacking.)
Comment 1 Brion Vibber 2011-10-31 22:28:21 UTC
I'm just gonna WONTFIX this out; while it's plausible to protect against password sniffing, nobody seems willing to commit to it, and we've been pushing more SSL stuff which of course does a far better job of protecting your session.

Note You need to log in before you can comment on or make changes to this bug.