|
|
|
|
|
|
by read
4591 days ago
|
|
|
What happens if a user changes client machines? You seem to suggest storing their hashed password in the browser, but if they change machines they won't have that hashed password around. How will you go from plaintext password to hashed password without having the salt used with PBKDF2? You say user passwords are never sent over the wire (not even the hash)[1], but then say users have an object containing their hashed password (is the documentation here out of date?) [1] - https://github.com/cryptic-io/web |
|
|