Hacker News new | past | comments | ask | show | jobs | submit login

> Hopefully you don't transmit the password and are doing challenge/response so that you don't even have it when the user logs in.

Wasn't challenge/response / SRP authentication debunked ?

https://www.nccgroup.trust/us/about-us/newsroom-and-events/b...

https://news.ycombinator.com/item?id=2859470




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: