id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
1534	[patch] Client-side encoding of admin logins	Chris Beaven	Adrian Holovaty	"Currently, passwords are sent via plain text when logging in.
Even though HTTPS is the ultimate solution, it would still be far more secure for clients to be able to send a digest instead. This has been discussed in #61, but the ticket description doesn't cover this specifically.

The patch attached lets the client handle hashing the password first if JavaScript is enabled.

Passwords will be upgraded to a new algorithm which uses a pseudo-random salt based on username. This way, the client can calculate the salt rather than require a challenge-response.

Rather than sending the database hash, the hash itself is hashed for extra security.[[br]]
The server provides half a random salt in the login form and the client generates the other half.

The server checks first against this secure password, then falls back to the raw password."	enhancement	closed	contrib.admin	0.91	normal	wontfix			Unreviewed	1	0	0	0	0	0
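The exchange described in the ticket, modelled as an added example with both the browser side and the server side in one file. This is not the attached patch and not Django code: the hash functions (SHA-256, HMAC-SHA256), the way the per-username salt is derived, the nonce sizes and every function and class name are assumptions, since the ticket names none of them. Sample users and passwords are constructed for the demo.

```python
"""Added example (not the ticket's patch): a model of client-side login hashing
with a username-derived salt, a split server/client salt, and a plaintext fallback.
All algorithm choices and names below are assumptions; the ticket does not fix them.
"""
import hashlib
import hmac
import secrets


def username_salt(username: str) -> str:
    """Pseudo-random salt derived only from the username, so the client can
    compute it without a challenge. Assumption: SHA-256 over a fixed tag and
    the username; the ticket does not specify the derivation."""
    return hashlib.sha256(b"login-salt:" + username.encode()).hexdigest()[:16]


def password_hash(username: str, password: str) -> str:
    """The value stored in the database: hash(salt(username) || password)."""
    return hashlib.sha256((username_salt(username) + password).encode()).hexdigest()


def login_digest(stored_hash: str, server_half: str, client_half: str) -> str:
    """Hash of the stored hash, keyed by the two salt halves. This is what the
    client sends over the wire instead of the password."""
    key = (server_half + client_half).encode()
    return hmac.new(key, stored_hash.encode(), hashlib.sha256).hexdigest()


class Server:
    def __init__(self):
        self.users = {}      # username -> stored password hash (constructed demo data)
        self.issued = set()  # server salt halves handed out in login forms, single use

    def register(self, username: str, password: str) -> None:
        self.users[username] = password_hash(username, password)

    def login_form(self) -> str:
        """Render the login form: emit a fresh server half of the salt."""
        half = secrets.token_hex(8)
        self.issued.add(half)
        return half

    def login(self, username: str, server_half: str, client_half: str, submitted: str) -> bool:
        stored = self.users.get(username)
        if stored is None or server_half not in self.issued:
            return False
        # Consume the server half: if it stayed valid, a captured digest could be replayed.
        self.issued.discard(server_half)
        expected = login_digest(stored, server_half, client_half)
        if hmac.compare_digest(expected, submitted):
            return True
        # Fallback for clients without JavaScript: the field holds the raw password.
        return hmac.compare_digest(password_hash(username, submitted), stored)


class Browser:
    @staticmethod
    def submit(username: str, password: str, server_half: str):
        """JavaScript side: derive the stored hash locally, add the client half,
        and send the second-level digest instead of the password."""
        client_half = secrets.token_hex(8)
        digest = login_digest(password_hash(username, password), server_half, client_half)
        return client_half, digest


def demo():
    """Run the exchange and return (js login ok, replay ok, raw fallback ok,
    stored-hash-only login ok, wrong password ok)."""
    srv = Server()
    srv.register("alice", "correct horse")          # constructed credentials

    half = srv.login_form()
    client_half, digest = Browser.submit("alice", "correct horse", half)
    ok_js = srv.login("alice", half, client_half, digest)
    replay = srv.login("alice", half, client_half, digest)   # same server half again

    ok_raw = srv.login("alice", srv.login_form(), "", "correct horse")

    # Pass-the-hash: knowing only the stored hash is enough to log in, because the
    # server can verify nothing stronger than what it stores.
    half3 = srv.login_form()
    ch = secrets.token_hex(8)
    pth = srv.login("alice", half3, ch, login_digest(srv.users["alice"], half3, ch))

    half4 = srv.login_form()
    wrong = srv.login("alice", half4, *Browser.submit("alice", "wrong horse", half4))
    return ok_js, replay, ok_raw, pth, wrong
```

Two properties of the scheme show up directly when the model is run. Because the server must hold the first-level hash to recompute the digest, that stored hash is a password equivalent: a database leak lets an attacker log in without cracking anything (`pth` is True). And the no-JavaScript fallback still puts the raw password on the wire, so the scheme only protects the password in transit for clients that run the script, which is why the ticket itself calls HTTPS the ultimate solution. The server half must also be single use, or a captured digest replays (`replay` is False here only because the half is discarded).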
