Then stilling the hash is enough to login. | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		_0w8t on March 15, 2020 \| parent \| context \| favorite \| on: Lesspass – open-source stateless password manager Then stilling the hash is enough to login.

0xb100db1ade on March 15, 2020 [–]

So? If someone can steal the hash, they could probably hijack the session anyway.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact