|
|
|
|
|
|
by kbolino
611 days ago
|
|
|
Strictly speaking, passwords do not have to be shared during auth, either. There are password-agreement schemes (e.g. SRP [1] as used in TLS-SRP) which allow one or both parties to prove they know the password without sharing it. However, these schemes never gained broad adoption. [1]: https://en.wikipedia.org/wiki/Secure_Remote_Password_protoco... |
|
|