I'm fairly unfamiliar with HTTPS, but I know it's secure, what I want to know is when a user logs in with details on a form, are the variables in that form (username, password) sent to the server encrypted?
I'm asking this, as I'm using a form to log people in, but I'm also hashing their passwords with MD5 together with a SALT for verification.
Also, is HTTPS secure enough to prevent any spyware running on the host from intercepting the login details?
Sorry for asking a few questions in this post, but thanks in advance for any answers.