|
|
|
|
|
|
by SiNiquity
2204 days ago
|
|
|
The client in this case should be the web-browser; it shouldn't be custom Javascript. There should be an attribute on the password field that says if the password should be hashed before sent to the server. It could also be salted by the browser to reduce reuse across sites similar to any password manager today. |
|
|