You are designing an ASP.NET Web Forms application that uses a database containing user names and hashed passwords for authentication. The Web application includes a login form in which users type their user names and passwords.
You need to design a strategy to ensure that the users login credentials cannot be stolen through a man-in-the-middle attack.
Which approach should you recommend?
A.
Install a certificate on the Web server, and force the login form to use SSL.
B.
Write an onSubmit JavaScript handler that hashes the password before the password is submitted to the server.
C.
Write an OnClick method for the Submit button that hashes the password before the password is compared with the password value that is stored in the database.
D.
Write an onSubmit JavaScript handler that URL-encodes the password before the password is passed to the server.