by dfox 1992 days ago
That kind of construction involves storing whatever is required for login in plaintext on the backend side. You can get around that limitation by using something like SRP, but that is even more complex than using RSA. On the other hand, an SRP-like construction would have real security benefits, while passing an RSA-encrypted password over the same channel you got the public key (and the implementation of the whole thing) from is of somewhat questionable benefit.
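
Added example (not part of the comment or the thread): a Python sketch of the contrast drawn above, assuming "that kind of construction" is a nonce-based HMAC challenge-response. The function names, the toy modulus `2**521 - 1` with `g = 3`, and the simplified SRP-6a hashing are assumptions made for illustration; public-value checks and key-confirmation messages are omitted.

```python
import hashlib, hmac, secrets

# --- Nonce challenge-response (assumed form of "that kind of construction") ---
def cr_record(password: str) -> bytes:
    # Hashing before storage does not help: the hash itself is the login secret.
    return hashlib.sha256(password.encode()).digest()

def cr_answer(secret: bytes, nonce: bytes) -> bytes:
    return hmac.new(secret, nonce, hashlib.sha256).digest()

def cr_server_accepts(record: bytes, nonce: bytes, answer: bytes) -> bool:
    return hmac.compare_digest(cr_answer(record, nonce), answer)

# --- SRP-6a style exchange: the server keeps only a salt and verifier v = g^x ---
N = 2**521 - 1  # toy modulus (a Mersenne prime); use a standardized SRP group in practice
g = 3

def H(*parts) -> int:
    h = hashlib.sha256()
    for p in parts:
        h.update(p if isinstance(p, bytes) else p.to_bytes(66, "big"))
    return int.from_bytes(h.digest(), "big")

k = H(N, g)

def srp_verifier(password: str, salt: bytes) -> int:
    return pow(g, H(salt, password.encode()), N)

def srp_keys_match(v: int, salt: bytes, typed_password: str) -> bool:
    """Run one exchange; True if client and server derive the same session key."""
    a = 1 + secrets.randbelow(N - 2)                 # client ephemeral secret
    b = 1 + secrets.randbelow(N - 2)                 # server ephemeral secret
    A = pow(g, a, N)                                 # client -> server
    B = (k * v + pow(g, b, N)) % N                   # server -> client
    u = H(A, B)
    x = H(salt, typed_password.encode())             # needs the password, not v
    client_S = pow((B - k * pow(g, x, N)) % N, a + u * x, N)
    server_S = pow(A * pow(v, u, N) % N, b, N)       # uses only the stored v
    return client_S == server_S

def demo() -> dict:
    salt, nonce = secrets.token_bytes(16), secrets.token_bytes(16)
    record = cr_record("correct horse")              # what a database copy contains
    v = srp_verifier("correct horse", salt)
    return {
        "cr_db_copy_logs_in": cr_server_accepts(record, nonce, cr_answer(record, nonce)),
        "srp_right_password": srp_keys_match(v, salt, "correct horse"),
        "srp_wrong_password": srp_keys_match(v, salt, "guess"),
    }
```

In the challenge-response half, the stored record alone produces an accepted answer, which is what makes it plaintext-equivalent. In the SRP half, the server's `v` verifies a client that knows the password but is not itself the value the client computes with.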