Answer the question
In order to leave comments, you need to log in
M
M
MMMaliiik2021-06-15 06:59:46
MMMaliiik, 2021-06-15 06:59:46
Need clarification on how passwords are transferred from the browser to the server, is it stored on the server, and how is it checked for correctness?
Need clarification on how passwords are transferred from the browser to the server, is it stored on the server, and how is it checked for correctness?
1 answer(s)
@vabka
Implementation dependent. It is good practice to pass the password in the body of the request, encrypted (HTTPS)
Implementation dependent. It is considered good practice to hash passwords with some complex hash (SHA-2 512, or better SHA-3 512 + it is still worth salting it, for example using HMAC), and store the hash from the password. Validity, respectively, is checked against the hash, which is calculated on the server upon request.
V
Vasily Bannikov, 2021-06-15 @vabka
how passwords are transferred from the browser to the server
Implementation dependent. It is good practice to pass the password in the body of the request, encrypted (HTTPS)
is it stored on the server and how is its correctness checked?
Implementation dependent. It is considered good practice to hash passwords with some complex hash (SHA-2 512, or better SHA-3 512 + it is still worth salting it, for example using HMAC), and store the hash from the password. Validity, respectively, is checked against the hash, which is calculated on the server upon request.
Similar questions
E
C
R
S
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question