Just take the string as bytes and hash it ffs

  • candybrie@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    4 months ago

    Because then the hash is the password. Someone could just send the hash instead of trying to find a password that gets the correct hash. You can’t trust the client that much.

    You can hash the password on both sides to make it work though.