Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
im3w1l
on June 24, 2022
|
parent
|
context
|
favorite
| on:
MEGA Attack Explainer
Actually I have a second question about this point.. Does this mean it would allow the user in even if the password is mistyped?
tptacek
on June 24, 2022
[–]
No, if you mistype the password then the server can't look up your escrowed RSA key (it's looked up with an "authentication key" derived from PBKDF2).
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
