rufus@lemmy.sdf.orgtoShowerthoughts@lemmy.world•Lemmy is a perfect reddit replacement in terms of saving a post "for later" and never coming back to it
5·
9 months agoHey! Another SDF user in the wild, what’s up!
Hey! Another SDF user in the wild, what’s up!
Full-stack dev here, not necessarily in answer to OP’s question, but in my experience it is a pretty standard practice that when you log in to a service, the web page sends your unhashed creds to the server, where your password is then hashed and compared to the stored hash. Via HTTPS/TLS/SSL, this is a reasonably secure practice since the creds are still encrypted while in transport. Hashing is a computationally expensive process that (before the advent of WASM) wasn’t really feasible to do on the client side.
Wait what is the difference between the two?