by poglet 1277 days ago
It sounds like a public and private key pair, like in asymmetric encryption or public-key cryptography. The private key is stored on the client. The private key and user's password are both required to authenticate against the public key stored on the server.

An attacker would have no success with a dictionary attack (used in the article). Even if the password was in the dictionary, the private key is still missing.

1 comment

No. It's symmetric, not asymmetric. The secret key is a 128-bit key that is effectively concatenated with the master password for master key derivation.
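
A simplified sketch of the symmetric scheme described in the reply above, added here as an example and not code from the thread or from the product under discussion. It assumes PBKDF2-HMAC-SHA256 over the literal concatenation of password and secret key; the function names, salt, wordlist and verifier construction are hypothetical.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 10_000  # assumption: kept low so the demonstration runs quickly


def derive_master_key(password: str, secret_key: bytes, salt: bytes) -> bytes:
    """Derive one symmetric master key from password || secret_key."""
    material = password.encode("utf-8") + secret_key
    return hashlib.pbkdf2_hmac("sha256", material, salt, ITERATIONS, dklen=32)


def make_verifier(master_key: bytes) -> bytes:
    """Hypothetical stand-in for data a guess can be checked against."""
    return hmac.new(master_key, b"verifier", hashlib.sha256).digest()


def dictionary_attack(wordlist, verifier, salt, secret_key=b""):
    """Return the guess that reproduces the verifier, or None if none does."""
    for guess in wordlist:
        candidate = make_verifier(derive_master_key(guess, secret_key, salt))
        if hmac.compare_digest(candidate, verifier):
            return guess
    return None


# Constructed sample data (not taken from the thread).
SALT = bytes(16)                      # fixed salt so runs are repeatable
SECRET_KEY = secrets.token_bytes(16)  # 128-bit secret key kept on the client
PASSWORD = "sunshine"                 # weak password that is in the wordlist
WORDLIST = ["password", "letmein", "sunshine", "dragon"]
VERIFIER = make_verifier(derive_master_key(PASSWORD, SECRET_KEY, SALT))


def run_demo():
    """Guess with the password list alone, then with the secret key as well."""
    without_key = dictionary_attack(WORDLIST, VERIFIER, SALT)
    with_key = dictionary_attack(WORDLIST, VERIFIER, SALT, SECRET_KEY)
    return without_key, with_key


if __name__ == "__main__":
    print(run_demo())
```

Both secrets feed a single symmetric derivation, so the correct password alone never reproduces the master key; no public/private key pair is involved.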