by EthicalSimilar
1285 days ago
> For instance, when setting a user's password in Postgres, you can do the hashing on the client side, even for non-trivial schemes like SCRAM. This means that the password itself never needs to move over the network, and that's very desirable.

Off-topic, but I’m surprised more online apps don’t employ something similar. It would all but eliminate accidental leaks that occur from logs being incorrectly stored / misconfigured, not to mention worries about MITM attacks (useful for corporate networks, or public networks). Given how many people share usernames, emails, and passwords across sites, I find it quite important to mitigate those issues as much as possible.