Msg#: 4467300 posted 5:57 pm on Jun 19, 2012 (gmt 0)
I'm sure this is an easy one. I have an online applications that asks for SSN. I do have it piped through an SSL for encryption BUT i get the results of the form, including SSN, in my outlook inbox via NMS FormMail. I am careful, but if I reply to that email, I'm inadvertantly sending BACK her SSN to her via UNencrypted connection. Is this safe as long as I don't "reply" to the email or should I be working harder to get a better method of collecting SSNs?
Msg#: 4467300 posted 6:04 pm on Jun 19, 2012 (gmt 0)
If you are emailing the information (even from the server to yourself), it is probably being transmitted as clear text and unencrypted. A more secure approach would be to email notification to you, but without the actual form data, and require that you then connect to the server via SSL to see the actual data.
Msg#: 4467300 posted 7:45 pm on Jun 19, 2012 (gmt 0)
Hmmm... i like that. so I'd need a database Now I AM using an SSL (i.e. <form method="post" action="https://hostedge.net/~sangel/cgi-bin/TheThing.pl"> <input type="hidden" name="recipient" value="firstname.lastname@example.org" />
wouldn't that take care of the encryption btwn the server and I?