Simon Willison’s Weblog

MD5 in Javascript

One of the things that has always bugged me about creating login forms for web based applications is that the password is passed in clear text when the user logs in. Even if you then set a session cookie of some sort for future access the password has stilled been transmitted unencrypted at least once.

The obvious way around this is to use https, but for the vast majority of sites this isn’t an option. Enter Javascript MD5—an implementation of the cryptographically secure MD5 hashing function in Javascript. This can be used to build a CHAP login system where the client sends the MD5 of the password appended on to a challenge string, which the server can then recalculate and compare (all without the password being transmitted from client to server).

The author links to implementations of this idea in various languages, and implementing it from scratch in PHP is quite trivial. With a bit of care the system can be set up so that browsers with no javascript support submit the password normally, while those with javascript send only the hash.

A modified version of the system is used by Yahoo’s Login Page, so it is certainly feasible for deployment in a commercial environment. Obviously an https encrypted session is far more secure, but for non-ecommerce web applications this technique is a no-brainer.

This is MD5 in Javascript by Simon Willison, posted on 20th April 2003.

Next: What the F* Happened?

Previous: Flamin' CSS

Previously hosted at http://simon.incutio.com/archive/2003/04/20/javascriptMD5