[keycloak-user] SRP (Secure remote password)

Cyril Casaucau raiden0610 at gmail.com
Sun Sep 23 15:03:27 EDT 2018


Hi,
Do you know SRP (Secure remote password,
https://en.wikipedia.org/wiki/Secure_Remote_Password_protocol)?
It's RFC 2945 (https://tools.ietf.org/html/rfc2945) and RFC 5054
(https://tools.ietf.org/html/rfc5054), and I think the idea of not
transferring the password to the server is very interesting.
1Password and Protonmail are implementing it for their app:
https://blog.agilebits.com/2018/02/14/how-we-use-srp-and-you-can-too/
https://protonmail.com/blog/encrypted_email_authentication/

So first, what do you guys think about SRP (Secure remote password)?
And second: have you thought of implementing it in Keycloak?

Thanks

