Feature #27770

Login password transmission through SRP-6a

Added by Giovanni Novelli 7 months ago.

Status:NewStart date:
Priority:HighDue date:
Assignee:-% Done:

0%

Category:Accounts / authentication
Target version:-
Resolution:

Description

Implementation of SRP in password transmission for any authentication source relying upon password, stored or not in the database.

It should be seen as a security mean alternative or not to SSL/TLS.

It should allow stronger authentication security, even without SSL/TLS.

References:
http://srp.stanford.edu
https://rubygems.org/gems/srp-rb/versions/1.0.1
https://github.com/lamikae/srp-rb

Also available in: Atom PDF