Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
fileworm
on Oct 19, 2018
|
parent
|
context
|
favorite
| on:
Let’s talk about PAKE
It's worse than that. In the web app use case, if the browser is sending cleartext passwords to the server, all an attacker has to do is hijack the server IP with BGP, get a DV SSL cert and slurp up all the passwords.
Consider applying for YC's Summer 2025 batch! Applications are open till May 13
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
