[keycloak-dev] Zero-knowledge proof of password?
Suppose you don't want your passwords transmitted in the clear after SSL is
terminated by a proxy.
Has anyone developed a secure way for the client to prove they have the
password, rather than transmitting it in the body of a post?