|
|
|
|
|
|
by imuli
1133 days ago
|
|
|
In the login response I see the private key being sent back from the server, it looks like it is encrypted with a key derived from the user's password. 100100 iterations of PBKDF2-SHA512 is certainly better than it could be, but not it's certainly not as secure against brute force attacks as Argon2 or any other modern KDF. |
|
|