PHP: How to MD5 encrypt before sending form using GET method?

[Blopo Blop]

Okay so this is the code==>
<form name="form1" method="get" action="' . $root . '/password.php?id=' . $id . '">
<table width="100%" border="0">
<tr>
<td>Password</td>
<td><input name="password" type="text" id="password" size="50"></td>
</tr>
<tr>
<td colspan="2"><input type="submit" name="submit" id="submit" value="Submit"></td>
</tr><input type="hidden" name="id" id="id" value="' . $id . '">
</table>
</form>

The password will be sent like this:
password.php?id=...&password=[here]

but i need it to be MD5 encrypted before it gets sent so that the only thing you see in the URL is an MD5 key..

Any idea?

Thanks
Okay; so now I use POST instead of get. It's safer but I think it can still be tracked. How can I md5 encrypt it before it is sent by the form?

 

[Ratchetr]

It is possible to generate an MD5 hash code with JavaScript, but it doesn't really provide you much additional security. It also fails if the user has JavaScript disabled.

The reason it isn't any more secure than a plain text password is that the MD5 hash essentially becomes the password. If I can intercept the POST, then I can read the MD5 hash of the password. I could then disable your JavaScript (very easy to do), paste the MD5 code into your password box and submit. There.....I just logged in without knowing your password.

See link.

 

[Ratchetr]

It is possible to generate an MD5 hash code with JavaScript, but it doesn't really provide you much additional security. It also fails if the user has JavaScript disabled.

The reason it isn't any more secure than a plain text password is that the MD5 hash essentially becomes the password. If I can intercept the POST, then I can read the MD5 hash of the password. I could then disable your JavaScript (very easy to do), paste the MD5 code into your password box and submit. There.....I just logged in without knowing your password.

See link.