Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Yes, close, but not exactly what I meant. The password would still be provided in plaintext upon registration, but the application would immediately hash and store it. Then the user can login with their password, which gets hashed and compared to the hashed password in the database. Alternatively the hash can be handed over if required and also used as the password since we also compare the unhashed input to the hashed stored password.


Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: