Y
Hacker News
new
|
ask
|
show
|
jobs
by
brown9-2
4734 days ago
What is the point of generating this value on the client? The second scenario you describe seems to work the same, minus the need to generate values on the client, with the same outcome.
1 comments
scotty79
4733 days ago
I guess no point. Pick the one that you feel better with.
link
scotty79
4733 days ago
Also the server should keep it hmac-ed in case db silently leaked.
link