by MauranKilom
1889 days ago
I'm not convinced that transmitting the first, say, 5 characters of the full password is any less secure than transmitting the sum of all its "digits". In fact, I would expect the latter to be significantly easier to match by brute force by a MITM adversary.

But there's a difference in terms of strength of the encryption key, if you are planning to use the full password as input to a Key Derivation Function (KDF). If you make public the first 5 letters of a 44 letter password, you've just lost some of the entropy.
By the way, based on a comment in this thread, I added a SHA-256 stage. I now hash the full password, and sum the bytes of the hash to generate the check digits.
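
To put numbers on the trade-off discussed in this thread, the following added example (not code from either commenter) computes how many bits a disclosed byte sum of a SHA-256 hash reveals, and how often two unrelated passwords would share it. It assumes the hash output behaves like uniformly random bytes and that the whole sum is disclosed; the 26-letter alphabet used for the prefix comparison and the sample password are also assumptions.

```python
import hashlib
import math

def check_value(password: str) -> int:
    """Byte sum of SHA-256(password): the check scheme described in the reply."""
    return sum(hashlib.sha256(password.encode("utf-8")).digest())

def byte_sum_counts(n_bytes: int = 32) -> list[int]:
    """Exact count of n-byte strings for each possible byte sum (0..255*n)."""
    counts = [1]
    for _ in range(n_bytes):
        prefix = [0]
        for c in counts:
            prefix.append(prefix[-1] + c)
        last = len(counts) - 1
        # Adding one byte 0..255 is a sliding-window sum over the old counts.
        counts = [prefix[min(s, last) + 1] - prefix[max(s - 255, 0)]
                  for s in range(last + 256)]
    return counts

def leaked_bits(n_bytes: int = 32) -> float:
    """Shannon entropy of the byte sum, i.e. the average bits it reveals.

    Assumption: the SHA-256 output is modeled as uniformly random bytes.
    Any value derived from the sum (e.g. a reduction) reveals at most this.
    """
    total = 256 ** n_bytes
    probs = (c / total for c in byte_sum_counts(n_bytes))
    return -sum(p * math.log2(p) for p in probs if p > 0)

def false_match_probability(n_bytes: int = 32) -> float:
    """Chance that two unrelated passwords yield the same byte sum."""
    total = 256 ** n_bytes
    return sum((c / total) ** 2 for c in byte_sum_counts(n_bytes))

def prefix_leaked_bits(k: int, alphabet_size: int) -> float:
    """Bits revealed by k characters drawn uniformly from the alphabet."""
    return k * math.log2(alphabet_size)

if __name__ == "__main__":
    # "correct horse" is a constructed sample password.
    print("check value:", check_value("correct horse"))
    print(f"hashed byte sum leaks ~{leaked_bits():.2f} bits")
    print(f"false match probability ~{false_match_probability():.2e}")
    # Assumed alphabet of 26 lowercase letters; the thread does not state one.
    print(f"5-letter prefix leaks ~{prefix_leaked_bits(5, 26):.2f} bits")
```

Under these assumptions the byte sum is far from uniform over its 8161 possible values, which is why it reveals fewer bits than the range alone would suggest.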