[Phpmyadmin-devel] insecure login

Peter Miller petermiller1986 at gmail.com
Tue Oct 26 01:42:49 CEST 2010

i've recently been ramping up security on my server and i realised that
phpmyadmin sends the username and password in plaintext accross the http
connection from client to server when loging in. this seems like quite a
security hole, so i just thought i'd see if there are any other options to
use encryption on the username and password for the login page? i've had a
bit of a look though the code but i couldnt see any options to 'turn on' a
higher level of security so i'm guessing there currently isnt one. that
being the case i'd be keen to implement a more secure login.

what are everyone's thoughts on this?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phpmyadmin.net/pipermail/developers/attachments/20101026/02ab95d9/attachment.html>

More information about the Developers mailing list