"dcrespo" <[EMAIL PROTECTED]> writes: > 3. Both Client and Server creates a hash string from > <password+random_alphanumeric_string> > 4. Client sends the hash string to the server > 5. Server compares his hash result with the hash string received from > de client. > > I think it is a very good solution, Isn't it?
No. It's vulnerable to dictionary search. Use SRP if you can. -- http://mail.python.org/mailman/listinfo/python-list
