Hacker News new | past | comments | ask | show | jobs | submit login

> Hopefully you don't transmit the password and are doing challenge/response so that you don't even have it when the user logs in.

Wasn't challenge/response / SRP authentication debunked ?

https://www.nccgroup.trust/us/about-us/newsroom-and-events/b...

https://news.ycombinator.com/item?id=2859470




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: