top | item 10930465 (no title) mollmerx | 10 years ago The passwords are generated on the client. discuss order hn newest rnhmjoj|10 years ago What if someone is listening to your traffic and injects a script which sends generated passwords to a server? http only is a bad idea in this case.
rnhmjoj|10 years ago What if someone is listening to your traffic and injects a script which sends generated passwords to a server? http only is a bad idea in this case.
rnhmjoj|10 years ago