Toksyuryel (toksyuryel)'s status on Wednesday, 28-Mar-12 11:44:17 UTC

  1. Toksyuryel Toksyuryel

    @conventrix More work and still less secure than using public key cryptography, as in your method you're still sending those passwords out over the internet to be checked and verified. With public key cryptography, your password can be checked and verified without ever having to actually give out the password itself. The only thing you have to worry about when logging in is a MITM attack, but you have to worry about that with passwords too. Outside of that you're fine as long as your key file is kept secure.

    Wednesday, 28-Mar-12 11:44:17 UTC from web in context