> I'm still on two generation back Perhaps that's why you aren't asked?
"Of the USA"? Is the USA a continent now?
So 1 million possible passwords? That's straight-up terrible entropy these days.
Excuse my ignorance... You're saying that if someone blocks you on Twitter you're no longer allowed to post something with their @handle? Or that they, as the blocker, just won't see it? If it's the former, then I would…
The random-salt has to be stored, at least for the length of the authentication request, because the server needs to generate the same hashed-hashed-password as the client to be able to match and authenticate. >…
So let me make sure we're on the same page... -- Server stores hashed-password, hash-salt, and random-salt. Server sends hash-salt, and random-salt to client. Client uses user password and hash-salt to generate…
Did you even read the comment you replied to? Years ago they did not delete accounts. They would deactivate it and never delete the data. They do now (apparently), but in the past they were very openly not deleting…
I think you're missing something... parseInt('08', 10); // 8
> I'm still on two generation back Perhaps that's why you aren't asked?
"Of the USA"? Is the USA a continent now?
So 1 million possible passwords? That's straight-up terrible entropy these days.
Excuse my ignorance... You're saying that if someone blocks you on Twitter you're no longer allowed to post something with their @handle? Or that they, as the blocker, just won't see it? If it's the former, then I would…
The random-salt has to be stored, at least for the length of the authentication request, because the server needs to generate the same hashed-hashed-password as the client to be able to match and authenticate. >…
So let me make sure we're on the same page... -- Server stores hashed-password, hash-salt, and random-salt. Server sends hash-salt, and random-salt to client. Client uses user password and hash-salt to generate…
Did you even read the comment you replied to? Years ago they did not delete accounts. They would deactivate it and never delete the data. They do now (apparently), but in the past they were very openly not deleting…
I think you're missing something... parseInt('08', 10); // 8