G
gus bjorklund
Guest
the right way to do this is to hash the cleat-text password with a cryptographic hash function (for example, with SHA-2) and keep the hashed value stored on the server side. then, on the client side, you hash whatever the user provides as a password and send it to the server side. if the value sent matches what the server has, then the user entered the right password. this way, the clear-text password does not have to be stored anywhere and only the user needs to know the password.
Continue reading...
Continue reading...