Welcome to WebmasterWorld Guest from 50.19.53.104

Forum Moderators: incrediBILL

Message Too Old, No Replies

quick form question / encryption

     

hotwired

5:57 pm on Jun 19, 2012 (gmt 0)

10+ Year Member



I'm sure this is an easy one. I have an online applications that asks for SSN. I do have it piped through an SSL for encryption BUT i get the results of the form, including SSN, in my outlook inbox via NMS FormMail. I am careful, but if I reply to that email, I'm inadvertantly sending BACK her SSN to her via UNencrypted connection. Is this safe as long as I don't "reply" to the email or should I be working harder to get a better method of collecting SSNs?

thanks to all.

Fotiman

6:04 pm on Jun 19, 2012 (gmt 0)

WebmasterWorld Senior Member fotiman is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



If you are emailing the information (even from the server to yourself), it is probably being transmitted as clear text and unencrypted. A more secure approach would be to email notification to you, but without the actual form data, and require that you then connect to the server via SSL to see the actual data.

hotwired

7:45 pm on Jun 19, 2012 (gmt 0)

10+ Year Member



Hmmm... i like that. so I'd need a database
Now I AM using an SSL (i.e. <form method="post" action="https://hostedge.net/~sangel/cgi-bin/TheThing.pl">
<input type="hidden" name="recipient" value="manager@sangelproperties.com" />

wouldn't that take care of the encryption btwn the server and I?

Fotiman

7:56 pm on Jun 19, 2012 (gmt 0)

WebmasterWorld Senior Member fotiman is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



That SSL would take care of the encryption between the end user and the server, but not between the server and you (if it's emailing you the data).

Yes, you would need a database, as well as some way to get the data securely from the database.
 

Featured Threads

Hot Threads This Week

Hot Threads This Month