Quote Originally Posted by Infamous Joe View Post
The authentication uses the same procedure as a regular login, so yes it is hashed (but unlike the normal one where it is done client side, this one is sent to my server where a PHP script does it).

Thanks for trying to lookout though.
But that's totally unsecure. It leaves security holes such as logging user information up in there air. Would it not be best to md5 it beforehand?