[Cryptography] SRP for mutual authentication - as an alternative / addition to certificates?
Ben Laurie
ben at links.org
Wed Aug 5 06:07:31 EDT 2015
On Wed, 5 Aug 2015 at 03:24 Carlo Contavalli <ccontavalli at gmail.com> wrote:
> The cost on the user is in making sure he is entering the username and
> password only in "secure boxes", rather than random ones on the web
> site.
>
This is the core problem - if we could get users to only type their
passwords into the one true password box, then there are many viable
solutions to "the password problem". But all attempts to do this so far
have been dismal failures.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150805/5c505a8c/attachment.html>
More information about the cryptography
mailing list