To avoid http replay attacs it would be nice if the login data is hashed with a unique token before the login form is submitted.
Log in to post a comment.
