[atoav]

Passwords are (or rather should be) indeed stored using crypt. However at login the provided password needs to be compared to the hashed one, which means the clear text password needs to be rehashed. I am not sure this happens on the client.

[wang_li]

It definitely doesn’t happen on the client. If it did then the server’s password file would effectively be plaintext.

[zinekeller]

> If it did then the server’s password file would effectively be plaintext.

Send seed and hashing parameters to the client, then client does hashing, client sends hash, server compares hashes. It's vulnerable to replay attacks, but it's the same with client sending plaintext password to server (assuming that you're not using SSH or similar).

[dsr_]

You two are working your ways towards defining a zero-knowledge password proof:

https://en.wikipedia.org/wiki/Zero-knowledge_password_proof

I think SRP is the most widely implemented version. https://en.wikipedia.org/wiki/Secure_Remote_Password_protoco...

[throw0101a]

Note that SRP is an older protocol, and things have moved on from there. See various PAKE algorithms:

* https://en.wikipedia.org/wiki/Password-authenticated_key_agr...