New Standard for Sending Password During Authentication

March 17, 2023•101 words

Web services used to store naked passwords in database. Almost all by now have already adopted the salted-hash as presentation of a password in database, ie. Password --HTTP--> Hash --> Compare with the hash in db

The passwords by the above scheme are not stored in database but still known by server-side code. Better flow will be as below, if not E2EE which has different mechanism of authentication with keys.
Password --> Hash --HTTP--> Hash of Hash --> Compare with the hash in db

That is the password, but for full privacy and protection of users' data, E2EE should be used.

👍❤️🫶👏👌🤯🤔😂😍😭😢😡😮

Subscribe to the author

You'll only receive email when they publish something new.

More from 19411
All posts

Node.js and Installing Modules with NPM

March 14, 2023•33 words

Some modules will require exact Node.js version, but that's still not enough, NPM version too. Install Node.js of specific version nvm install SOME_VERSION_NUMBER Install NPM of specific version npm i npm@SOME_VERSION ...

Read post

Good Practice Working with Base Project

March 21, 2023•104 words

Regular Git commands in a project with only origin remote: git merge # Fix conflicts git commit However, when working with base project, there are the same files of different contents which lead to conflicts always when merge in to origin. The good practice is to use --no-commit and --abort with Git merge: git merge base/dev --no-commit # Total falure?: git merge --abort # Ok? checkout files supposed to be different: git checkout [FILES] # Fix other conflicts and: git commit Avoid merge bac...

Read post

New Standard for Sending Password During Authentication

More from 19411All posts

Node.js and Installing Modules with NPM

Good Practice Working with Base Project

More from 19411
All posts