I'm trying to create a secure inlog script in php/mysql.
I'm faced with many subjects I absolutely know nothing about so I was looking for some help.
I'm want to understand the route of a password from the browser to the database.
One thing that is very hazy to me is the difference between SSL and encryption.
My idea is that I could use javascript SHA 256 encryption at the client side.
But other sources online recommend SSL.
I was thinking, would it be possible to both use SSL as well as SHA encryption.
Now, I asked questions before here moslty solving script issues, but now, I look for an advice about what the possibilities are.
I have no script yet, because first I want to determine in which way the chances for security leaks are minimized.
is there anyone who can give more clarity about it?