Re: [whatwg] Hashing autofilled data (was Re: Proposal: Write-only submittable form-associated controls.)

On 16 October 2014 08:52, Mike West <mkwst@google.com> wrote:

> * Server stores credentials as `sha512(password + username)`.
>

It might be better to require PBKDF2/bcrypt/scrypt.

Received on Thursday, 16 October 2014 09:44:37 UTC