[keycloak-dev] Zero-knowledge proof of password?

Peter K. Boucher pkboucher801 at gmail.com
Tue Mar 7 16:22:56 EST 2017

Suppose you don't want your passwords transmitted in the clear after SSL is
terminated by a proxy.


Has anyone developed a secure way for the client to prove they have the
password, rather than transmitting it in the body of a post?

More information about the keycloak-dev mailing list