|
|
|
|
|
|
by tada-ssola
2966 days ago
|
|
|
Ah answered elsewhere, if the client sends the hash and you log the hash then you still have a problem. The user should change passwords. Although I think this still improves the situation if the password is reused. I.E. I can't use the logged hashed password on other sites. |
|
|