8 upvotes, 0 direct replies (showing 0)
View submission: Reddit's Streak of Bad Luck Continues...
I don't know about you guys, but on all of my login forms I've created I prehash the password using javascript and clear out the 'password' input box, so that it is never transferred cleartext (gracefully decaying, of course).
Sure, if someone picks up on the hash in transfer it won't prevent them from logging into the site, but at least it will prevent them from logging into their email or bank account if they use the same password.
There's nothing here!