[whatwg] Hashing Passwords Client-side
Tab Atkins Jr.
jackalmage at gmail.com
Mon Jun 20 14:27:39 PDT 2011
On Mon, Jun 20, 2011 at 11:15 AM, Nils Dagsson Moskopp
<nils at dieweltistgarnichtso.net> wrote:
> James Graham <jgraham at opera.com> schrieb am Mon, 20 Jun 2011 10:40:20
> +0200:
>
>> […] and the authors who are most likely to get the server-side
>> wrong are the same ones who are already storing passwords in plain
>> text.
>
> What reasoning is behind the assertion that those authors will use the
> provided client-side hashing facilities correctly, then?
The fact that you can get minimally adequate functionality by just
writing <input type=password hash>.
~TJ
More information about the whatwg
mailing list