Improving security with JS
I'm trying some little ideas, and I've hit a snag.
At the moment, when a user logs in, their password is stored in a variable
which is handled later. Obviously all one has to do to get hold of the
password is to go into the developer tools or console or whatever and add
a statement like alert(pass.value);.
I know this is unrealistic but its been bugging me. Is there any way of
detecting an alert statement and scrambling the password somehow? A regex
or string replace?
Thanks!
No comments:
Post a Comment