|
|
|
|
|
|
by jimis
2002 days ago
|
|
|
> If you use SCRAM-, you're committing your password storage to only* use that method for storing the plaintext. I consider this an advantage. I know how the password is stored, and if the service wants to update the storage, than it has to ask me to reset my password. If it doesn't ask me so, how can I know that they are up to date? > The entire process is invisible to the user, who gets a security upgrade in the process or never gets a security upgrade, and he has no idea. |
|
|