Isn't the secure sending of the username and password supposed to be supported by the SSL connection between the client browser and the server hosting PMA. i.e  hosting PMA on a server using https protocol?

On Tue, Oct 26, 2010 at 5:12 AM, Peter Miller <petermiller1986@gmail.com> wrote:
hi,
i've recently been ramping up security on my server and i realised that phpmyadmin sends the username and password in plaintext accross the http connection from client to server when loging in. this seems like quite a security hole, so i just thought i'd see if there are any other options to use encryption on the username and password for the login page? i've had a bit of a look though the code but i couldnt see any options to 'turn on' a higher level of security so i'm guessing there currently isnt one. that being the case i'd be keen to implement a more secure login.

what are everyone's thoughts on this?

cheers
pete

------------------------------------------------------------------------------
Nokia and AT&T present the 2010 Calling All Innovators-North America contest
Create new apps & games for the Nokia N8 for consumers in  U.S. and Canada
$10 million total in prizes - $4M cash, 500 devices, nearly $6M in marketing
Develop with Nokia Qt SDK, Web Runtime, or Java and Publish to Ovi Store
http://p.sf.net/sfu/nokia-dev2dev
_______________________________________________
Phpmyadmin-devel mailing list
Phpmyadmin-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel




--
Rohit Kalhans
blogfolio: http://info-rohit.co.cc