|
|
|
|
|
|
by Dylan16807
2274 days ago
|
|
|
> As the owner/maintainer of a service, I want to be in control and know that my user's credentials are secure - there may even be legal obligations here in some countries. The code doing the client-side hashing is just as secure as the rest of the client interface. You don't compromise anything by doing it. Still, it's easier to do the extra hash locally on the server if you need it. |
|
|