Just take the string as bytes and hash it ffs

  • Shadow@lemmy.ca
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    1
    ·
    edit-2
    4 months ago

    There’s nothing stopping a browser from salting a hash. Salts don’t need to be kept secret, but it should be a new random salt per user.