What about encrypting our passwords?

In this exercise we have seen how to hide on our screen the input password. By the way after the commit of the form password will be sended as plain text. If I want to encrypt it , how can I do ?

2 Likes

use https (s is for secure, it uses ssl encryption with certificates)

for associates a label with an input element. This is needed for people who use disability tools.

name is used to associate the input field with the data send to the server.

28 Likes

is it not bad practice to store a password as plain text? Is their a better way to encrypt it?

1 Like

absolutely, storing passwords as plain text is a horrible idea. But in this lesson we are not storing passwords? We merely make an input field to enter the password

If you would actually submit the form, your website should use HTTPS to securely communicate with the server, where the password should be hashed and stored (register), or be hashed and compared with the hashed stored version (login)

17 Likes

why don’t we use the value attribute in the input set to value=""?

1 Like

If that is the value you desire of the input field, then you should. Without more context its difficult to answer the question :wink:

1 Like

I noticed that we did not use the value attribute in the input in the example below. so i was wondering why was that?

<form>
  <label for="user-password">Password: </label>
  <input type="password" id="user-password" name="user-password">
</form>

this is the example we did in the password chapter of forms

Why would you want to give a default value to a password input field? The user should just be able to enter their password

2 Likes

Or we can leave the value attribute blank like value=" " and use a placeholder="Password" attribute instead to give users a sense of what are they supposed to enter. In one of the previous lessons i saw that it was mentioned to use value attribute as its value becomes whatever you type in the text-field, and is paired with the name attribute to be sent as a text to the destination file.

1 Like

your value attribute isn’t blank? It contains a white-space. If you leave it blank, the value attribute can be omitted altogether. The value attribute is useful when we want to have a default value

placeholder or a label, or both. Yea, that is possible. If you pay attention to it while visiting different websites, you will see different strategies are used.

3 Likes

Ya i just saw that it contains a white space, thanks for pointing that out!:smiley:
If we leave it blank, then it can be omitted, but then what about the data that will be sent from the text field. What will it be paired with? I am having confusion with just the pairing of name and value attribute. Do they need to be paired or we can do just fine without pairing?

under the hood, the value is kept track of. The value attribute is useful when we want to overwrite the default value of the input field.

3 Likes

Oh now i get it! Thanks!! :smiley: :smiley:

This all makes sense now.

1 Like

Thank you for the explanation!
I kind of get now why some sites do not include a password field at all but rather prefer having the user input only their email then a one-time login code/link is sent to the email provided.

Since input is a Void element it doesn’t need a value. One could use a value to give a reminder of what the user should input. However, this lesson is teaching us about the label element which is being used to tell the user what to input.

Your value attribute places a value either text or numbers in the open text area.

When a user types in, that becomes the value sent to the servers, if you assign a value yourself, that will be sent to the servers. Off course the main aim of the form is for users to input thier data.
What you referred to is the name attribute which is linked to whatever the value is.