will type username first, page takes username to server, server checks for the record and instead of mathching it against password, matches it against salt?, maybe decrypt it on the basis on username. return success if decryption was successful, then UI shows password page, take it decrypt it with the previously obtained salt etc etc
Hash the password with the password itself as a key. Unless the password is right, you will only get garbage when you try to decrypt it
better solution: hash it like a normal person
Обсуждают сегодня