More Secure Login Form?

Hey guys,

Is there anyway you can make a safer login form for a site without using HTTPS? By secure right now I am meaning a way to avoid sniffing passwords via Wireshark. For example, if someone on your wireless network is running Wireshark and you sign in to a website with an HTML <form> NOT through HTTPS, your username and password are sent in cleartext via HTTP POST.

Is there some JavaScript or PHP code that can help scramble what is sent from the form before it is sent via HTTP POST to the server?

Thanks guys.

Is there? Maybe…but you should just use HTTPS.

True. Okay thanks! I will.

Anyway, still curious though if anyone wants to take a stab at it or knows.

You could base64 encode the password and transmit that instead of the password (can be done in javascript). Possibly even MD5 it but i’m not sure jscript supports that.