jafferSathick Member since 2010 23 posts
Posted: 4 years ago
Last activity: 2 years 9 months ago

Fiddler is intercepting password for SSL enabled HTTPS login

When I keep the Fiddler ON and enter into my SSL enabled HTTPS pega website, I am seeing password of my login in the 303 transmissions.

I know this will not happen if the login is authenticated through SSO. But, is there any way to HASH ( or atleast encrypt ) the password during the 303 transmission.

I took a look at the following article but I'm not sure if it will solve the problem I have.

Can you advise on how to hide/hash/encrypt the login password during transmissions during logon ?

**Moderation Team has archived post**

This post has been archived for educational purposes. Contents and links will no longer be updated. If you have the same/similar question, please write a new post.

Low-Code App Development Security
Moderation Team has archived post
Share this page LinkedIn