There are many variations of password manglers. An example would be
Hash( user password + secret key + domain site )
During website login authentication , passwords are sent in ciphertext from the client machine to the host machine via SSL/TLS protocol.
The password has already been encrypted , I see no benefit in hashing the encrypted password a second time , what am i missing out ??
Aucun commentaire:
Enregistrer un commentaire