>> not sure if I understand it well but it seems to me that your hash
>> becomes the password. In other words, if I find out the hash, I can log
>> in (e.g. using my own client).
> Yes, I suppose, but the only way I see you getting the hash is:
> a) steal the database
> b) be a MITM over https (I don't do passwords over http when I design a
> c) browser exploit? not sure if that's possible
all these things happen in the real world. That's why securing login is
hard and confidential stuff leaks all the time.
You could address your current assumptions by, for example:
ad a) use hash+salt server side
ad b) not sure ;-)
MITM is probably hardest to address but a) shouldn't take much effort
and c) depends on your application I guess.
> I don't do passwords over http when I design a site
Does it mean that you do everything over https? Or login only? How do
you handle sessions then? In url (like the standard picolisp GUI), in
query parameter (using POST) or a cookie?
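An added example (not code from this thread or from PicoLisp) illustrating the two points above: a client-side hash that is sent as the credential becomes the password, so a server that stores it verbatim turns a stolen database into working logins (scenario a), while salting and re-hashing that token server-side means the stolen table no longer logs anyone in. It also shows why the server-side salt does nothing for scenario b: a token captured in transit still works. The `client_hash` function, the two toy server classes, the user name and the password are all assumptions made up for this demonstration; PBKDF2 is used here only as one reasonable server-side salted hash.

```python
import hashlib
import hmac
import os

# Assumed client-side scheme: the browser sends sha256(password) as the credential.
def client_hash(password: str) -> str:
    return hashlib.sha256(password.encode()).hexdigest()


class NaiveServer:
    """Stores the client token verbatim: whoever reads the table can log in."""

    def __init__(self):
        self.table = {}  # user -> token exactly as received

    def register(self, user: str, token: str) -> None:
        self.table[user] = token

    def login(self, user: str, token: str) -> bool:
        return hmac.compare_digest(self.table.get(user, ""), token)


class SaltedServer:
    """Re-hashes the received token with a per-user salt before storing it."""

    ITERATIONS = 100_000

    def __init__(self):
        self.table = {}  # user -> (salt, pbkdf2(token, salt))

    def _derive(self, token: str, salt: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", token.encode(), salt, self.ITERATIONS)

    def register(self, user: str, token: str) -> None:
        salt = os.urandom(16)
        self.table[user] = (salt, self._derive(token, salt))

    def login(self, user: str, token: str) -> bool:
        record = self.table.get(user)
        if record is None:
            return False
        salt, stored = record
        return hmac.compare_digest(self._derive(token, salt), stored)


def demo() -> dict:
    # Constructed sample user; the password never leaves the "browser".
    token = client_hash("correct horse battery staple")

    naive = NaiveServer()
    naive.register("alice", token)
    salted = SaltedServer()
    salted.register("alice", token)

    # Scenario a): the attacker has a copy of each server's table.
    stolen_from_naive = naive.table["alice"]
    stolen_from_salted = salted.table["alice"][1].hex()

    # Scenario b): the attacker saw the token on the wire (MITM); the
    # server-side salt cannot distinguish this from the real client.
    captured_in_transit = token

    return {
        "legit_login": salted.login("alice", token),
        "db_leak_naive": naive.login("alice", stolen_from_naive),
        "db_leak_salted": salted.login("alice", stolen_from_salted),
        "mitm_salted": salted.login("alice", captured_in_transit),
        "unknown_user": salted.login("bob", token),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'login succeeds' if ok else 'login fails'}")
```

Running it shows `db_leak_naive` succeeding and `db_leak_salted` failing, which is what the server-side salt buys you; `mitm_salted` still succeeds, which is why the MITM case needs something other than storage hygiene (the transport, and the session handling asked about above).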