[whatwg] Hashing Passwords Client-side

On Mon, Jun 20, 2011 at 11:15 AM, Nils Dagsson Moskopp
<nils at dieweltistgarnichtso.net> wrote:
> James Graham <jgraham at opera.com> schrieb am Mon, 20 Jun 2011 10:40:20
> +0200:
>> [?] and the authors who are most likely to get the server-side
>> wrong are the same ones who are already storing passwords in plain
>> text.
> What reasoning is behind the assertion that those authors will use the
> provided client-side hashing facilities correctly, then?

The fact that you can get minimally adequate functionality by just
writing <input type=password hash>.


Received on Monday, 20 June 2011 14:27:39 UTC