Correct. For example, if you used CloudFlare to terminate your SSL traffic,
this measure would prevent CloudFlare from ever seeing your passwords. The
key to decrypt the password (or CC#) can be limited to the absolute minimal
surface area necessary.

On Thu, Oct 16, 2014 at 2:27 PM, Anne van Kesteren <> wrote:

> On Thu, Oct 16, 2014 at 2:22 PM, Ben Maurer <> wrote:
> > It reduces the number of systems which are exposed
> > to the password.
> You mean after the password arrives at the server? Because for
> transfer we should advocate TLS.
> --

Reply via email to