|
|
|
|
|
|
by sascha_sl
1518 days ago
|
|
|
Except, if you run rounds on the client and server, you now never handle plain passwords (that users might be reusing) and reversing the thing you store into something you can use against that services' API is still just as hard (if not harder because you need to do either do the total rounds on plain or the server rounds on a very long input) |
|
|