You store the password hashed with a salt in the database (just keep track of the salt you used). The server can send the salt to the client, in addition to the random number. So the client is performing two hashes: md5(md5(password+salt)+random_token).
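The exchange described in the answer, both sides, as an added example that is not part of the original post; the function names, the constructed sample password, salt and token are my own, and the hash construction is exactly md5(md5(password+salt)+random_token) as stated above.

```python
import hashlib
import hmac
import secrets


def md5_hex(data: str) -> str:
    """Hex MD5 of a UTF-8 string, the primitive the answer uses."""
    return hashlib.md5(data.encode("utf-8")).hexdigest()


def register(password: str, salt: str = "") -> dict:
    """Server side at enrolment: keep only the salt and md5(password+salt)."""
    salt = salt or secrets.token_hex(8)  # constructed salt unless one is supplied
    return {"salt": salt, "verifier": md5_hex(password + salt)}


def issue_challenge(record: dict, token: str = "") -> dict:
    """Server side per login: send the stored salt plus a fresh random token."""
    return {"salt": record["salt"], "token": token or secrets.token_hex(16)}


def client_response(password: str, challenge: dict) -> str:
    """Client side: md5(md5(password+salt)+random_token)."""
    inner = md5_hex(password + challenge["salt"])
    return md5_hex(inner + challenge["token"])


def server_verify(record: dict, token: str, response: str) -> bool:
    """Server side: recompute from the stored verifier; the password is never needed."""
    expected = md5_hex(record["verifier"] + token)
    return hmac.compare_digest(expected, response)


def run_exchange(enrolled_password: str, attempted_password: str) -> bool:
    """Full round trip with fresh random values; True only if the attempt matches."""
    record = register(enrolled_password)
    challenge = issue_challenge(record)
    return server_verify(record, challenge["token"],
                         client_response(attempted_password, challenge))
```

Note that `server_verify` only needs the stored md5(password+salt), so that database value is itself enough to answer any challenge and must be protected as carefully as the password; a response is also bound to one token, so a captured response does not verify against a later challenge.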