Y
Hacker News
new
|
ask
|
show
|
jobs
by
nucleardog
2210 days ago
No reason the server can’t provide a nonce for the login to salt the hash.
2 comments
Sir_Substance
2209 days ago
Now the server has to store the password in plain text so it can rehash with the new nonce every time.
link
withinboredom
2209 days ago
And how would the server know the desalted hash?
link