Auth.js credentials provider
Answered
West African Lion posted this in #help-forum
West African LionOP
I'm using the credentials provider with my php backend api, I searched on whether I should salt & hash the password before sending the post api call to my backend in order to prevent sending passwords in plain text, some said that it's fine to send them over https, others said that even so, I must hash the password both client side and in the backend, I still don't exactly know what I should go with. Any insights?
Answered by Sun bear
when signing up a user or logging him in it is okay to send unencrypted and unhashed passwords if you are sending them over https or other protocols where traffic is encrpyted by default
2 Replies
Sun bear
when signing up a user or logging him in it is okay to send unencrypted and unhashed passwords if you are sending them over https or other protocols where traffic is encrpyted by default
Answer
West African LionOP
alright thank you