Y
Hacker News
new
|
ask
|
show
|
jobs
by
deepbreath
2967 days ago
> meaning old hashes wouldn't be accepted and reducing hash "replay" possibilities
How would the server even verify the hash, then?
1 comments
pbhjpbhj
2967 days ago
Verify the signature, check the time, use the hash as if it were the password to re-hash and compare with DB?
link