
Aaron Parecki

  • Bret https://twitter.com/bcomnes   •   Dec 11
    Has anyone tried a password auth system that standardizes on some front-end hashing strategy, so that the API never sees/touches the plain text version of the password?
    Aaron Parecki
    It's one of the oldest tricks in the books 🙃
    Portland, Oregon • 41°F
    Thu, Dec 10, 2020 9:16pm -08:00
    3 replies
    • Bret twitter.com/bcomnes
      ah yeah @Johannes_Ernst mentioned that. Looks like a funky variant of basic auth. > doesn't really solve things the way you'd expect. Know of any writing on perspective on that? Curious what the issues were. SRP looks like a promising approach. medium.com/swlh/what-is-s…
      Fri, Dec 11, 2020 4:06pm +00:00 (via brid-gy.appspot.com)
    • Aaron Parecki twitter.com/aaronpk
      It's part of the old-school HTTP Digest Auth en.wikipedia.org/wiki/Digest_ac… It just doesn't really solve things the way you'd expect.
      Fri, Dec 11, 2020 3:57pm +00:00 (via brid-gy.appspot.com)
    • Bret twitter.com/bcomnes
      I know bcrypt/hash+salt on server for storage has been best practice for ages. Or has client/browser side hashing before sending to a server been widespread?
      Fri, Dec 11, 2020 3:43pm +00:00 (via brid-gy.appspot.com)
Posted in /replies using indigenous.abode.pub/ios

Hi, I'm Aaron Parecki, Director of Identity Standards at Okta, and co-founder of IndieWebCamp. I maintain oauth.net, write and consult about OAuth, and participate in the OAuth Working Group at the IETF. I also help people learn about video production and livestreaming. (detailed bio)

© 1999-2025 by Aaron Parecki. Powered by p3k. This site supports Webmention.
Except where otherwise noted, text content on this site is licensed under a Creative Commons Attribution 3.0 License.