Here’s a simplified explanation of how it works:
- The web server serves up a form with a hidden field containing a random “challenge” string, and optionally a timestamp for when the form was served.
- The user enters their password and submits the form.
- The server knows the user’s password and the challenge that was sent, so it hashes them and compares the result with the data sent by the user.
If your web application stores hashed passwords (as a well-behaved application should), this technique can still be used: you just have to MD5 the password twice on the client side, once to get the stored (hashed) version, and once more with that hashed version appended to the challenge to get the response that is sent to the web server.
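The exchange described above, as an added example that is not code from the original page. It runs under Node.js; `issueChallenge`, `clientResponse`, `verify` and the five-minute challenge lifetime are assumed names and values, and the server stores the MD5 of the password as in the last paragraph.

```javascript
const crypto = require('crypto');

const md5 = (s) => crypto.createHash('md5').update(s, 'utf8').digest('hex');

const CHALLENGE_TTL_MS = 5 * 60 * 1000; // assumed lifetime of a served form
const issued = new Map();               // challenge -> time the form was served

// Server: random value placed in the hidden form field.
function issueChallenge(now = Date.now()) {
  const challenge = crypto.randomBytes(16).toString('hex');
  issued.set(challenge, now);
  return challenge;
}

// Client: MD5 the password once to get the stored form, then MD5 the
// challenge with that value appended. Only this response is submitted.
function clientResponse(password, challenge) {
  return md5(challenge + md5(password));
}

// Server: recompute the response from the stored hash and compare.
function verify(storedHash, challenge, response, now = Date.now()) {
  const servedAt = issued.get(challenge);
  issued.delete(challenge); // single use, so a captured response cannot be replayed
  if (servedAt === undefined || now - servedAt > CHALLENGE_TTL_MS) return false;
  const expected = Buffer.from(md5(challenge + storedHash), 'hex');
  const got = Buffer.from(String(response), 'hex');
  // Length check first: timingSafeEqual throws on buffers of unequal length.
  return got.length === expected.length && crypto.timingSafeEqual(got, expected);
}

// Constructed sample run: one valid login, then the same response replayed.
const stored = md5('correct horse');    // what the server keeps for this user
const challenge = issueChallenge();
const response = clientResponse('correct horse', challenge);
console.log(verify(stored, challenge, response)); // true
console.log(verify(stored, challenge, response)); // false
```

The server needs only `stored` to check a response, so that value is what the scheme actually authenticates and it should be protected accordingly.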