[Yanel-dev] why is client-side hashing of a password so uncommon?
Michael Wechner
michael.wechner at wyona.com
Thu Jan 21 16:57:29 EST 2016
I forgot to mention that it would help that sites would support two
factor authentication, e.g. using
https://en.wikipedia.org/wiki/Google_Authenticator
Thanks
Michael
Am 21.01.16 um 22:56 schrieb Michael Wechner:
> Hi
>
> I recently thought about how to prevent that a software developer might
> steal plain text passwords on the server side (and re-use it at other
> sites) and hence came to the idea of client-side hashing, but as the
> following article describes, this does not really solve the problem:
>
> http://security.stackexchange.com/questions/53594/why-is-client-side-hashing-of-a-password-so-uncommon
>
> Thanks
>
> Michael
More information about the Yanel-development
mailing list