- From: Tab Atkins Jr. <jackalmage@gmail.com>
- Date: Mon, 20 Jun 2011 14:27:39 -0700
On Mon, Jun 20, 2011 at 11:15 AM, Nils Dagsson Moskopp <nils at dieweltistgarnichtso.net> wrote: > James Graham <jgraham at opera.com> schrieb am Mon, 20 Jun 2011 10:40:20 > +0200: > >> [?] and the authors who are most likely to get the server-side >> wrong are the same ones who are already storing passwords in plain >> text. > > What reasoning is behind the assertion that those authors will use the > provided client-side hashing facilities correctly, then? The fact that you can get minimally adequate functionality by just writing <input type=password hash>. ~TJ
Received on Monday, 20 June 2011 14:27:39 UTC