Hashing and salting, internet authentication easiest observe
Yo! I’ve 2 questions.
hash(password + salt) vs hash(hash(password) + salt)
I keep in mind that on protected web sites hashing occurs on server-side. If token will get hashed on client-side then hashed passwords change into passwords themselves. In consequence, unhealthy actors will be capable to get entry to sufferers’ accounts (even supposing, with out figuring out their actual passwords). Does it make sense to hash password each on Jstomer and server aspect?
View Reddit by way of scriptoider – View Supply
