Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
PetahNZ
on Nov 1, 2018
|
parent
|
context
|
favorite
| on:
JavaScript is now required to sign in to Google
This is completely wrong. HTTPS is what secures this, not client side password hashing. If you don't use HTTPS, you can just get MITM'd to disable any kind of client side hashing.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
