Hi guys this is really important i searched an example code about "Username and Password Validation between Server and Client" through internet a LOT and i couldn't find anything... so please guys if any of you guys have anything about this topic please show me here thanks a lot guys!!!

4 Years
Discussion Span
Last Post by anar.bataa

What about it don't you understand? It's quite simple. Client sends username and password to server, server checks it matches the record.

You can make it more fancy by having the password records hashed and salted for security, and have what the user sends encrypted to thwart eavesdroppers, but there's really not much more to it.

Edited by Moschops


Are you looking to implement this in practice?

If this is real, I would strongly suggest you use something premade like scrypt or another strong and well tested KDF implementation.

To expand on what Moschops said in the real world case:
(1) Client creates a TLS (or some other secure channel) connection with the server.
(2) The client sends the username and password to the server.
(3) The server given a username looks up the salt and the KDF of the password.
(4) The server confirms that KDF(sent-password, salt) == KDF-of-password from the database.


i'm sorry english is not my native language, what i meant is i need an example code for me...

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.