Y
Hacker News
new
|
ask
|
show
|
jobs
by
PetahNZ
2786 days ago
This is completely wrong. HTTPS is what secures this, not client side password hashing. If you don't use HTTPS, you can just get MITM'd to disable any kind of client side hashing.