Passwords and JavaScript

Question: I just want to ask you about how to create a code that can change a password for a user who wish to change his current password using JavaScript, I have a code with me but it does not work, when I change the password and it still the same. The idea here is to enable a particular user to change his or her password.

Answer: Everything that involves JavaScript means readable source code so that if you process passwords entirely with JavaScript then the password is available for anyone to read. If you want to use passwords that are restricted as to who knows what they are then you need server side processing. Storing the password in a file or database also requires server side processing.

The only way that JavaScript could be used in relation to a form that is used to change a password stored on the server would be if the JavaScript is used to make Ajax calls to the server so that the password can be changed without having to reload the page. In that situation you would still need the page configured so that the form can be submitted to the server without JavaScript so as to ensure that everyone has the ability to change their password. As such the script would be very similar to any other Ajax script for dynamically updating the server with information from a form and that this particular form deals with a password rather than any other type of form data would be irrelevant.


This article written by Stephen Chapman, Felgall Pty Ltd.

go to top

FaceBook Follow
Twitter Follow