Re: [keycloak-dev] Zero-knowledge proof of password?

Suppose you don't want your passwords transmitted in the clear after SSL is terminated by a proxy. Has anyone developed a secure way for the client to prove they have the password, rather than transmitting it in the body of a post? _______________________________________________ keycloak-dev mailing list keycloak-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-dev