This is insecure if LW1 hashes get leaked or were leaked at some point.
Isn’t this vulnerability inherent in the whole “hashing passwords on the client” setup? (indeed, it seems to miss the whole point of hashing?) Or am I misunderstanding what Meteor does?
I think this vulnerability is specific to Oliver’s scheme, not Meteor. What Meteor does is hash the password on the client (not sure why, might as well send it in plaintext over SSL) and then hash and salt it on the server as well (which is good and right).
Isn’t this vulnerability inherent in the whole “hashing passwords on the client” setup? (indeed, it seems to miss the whole point of hashing?) Or am I misunderstanding what Meteor does?
I think this vulnerability is specific to Oliver’s scheme, not Meteor. What Meteor does is hash the password on the client (not sure why, might as well send it in plaintext over SSL) and then hash and salt it on the server as well (which is good and right).
Yep, Meteor hashes twice. Not fully sure why. Probably to add an extra layer of security to non SSL connections.