Y
Hacker News
new
|
ask
|
show
|
jobs
by
die_sekte
5712 days ago
Actually, just encrypting the login is not enough. FireSheep steals session keys, not passwords. Everything that needs to have the session key needs to be served over SSL.
1 comments
chapel
5712 days ago
That's what I meant, but obviously didn't explain it correctly. Thanks for the correction.
link