SSL before or after submit?

Both need to be wrapped in SSL for proper security. If the form is
not SSL then people can do MITM attacks (among others) to get the
username/password sent to the wrong server.

Aaron Turner wrote:

Both need to be wrapped in SSL for proper security. If the form is
not SSL then people can do MITM attacks (among others) to get the
username/password sent to the wrong server.

Thanks for the clarification. :slight_smile:

Aaron Turner wrote: