read the chapter hmac of teacher Liao"s hash algorithm, and I"m a little confused!
1. The article says that it is more difficult to crack by adding a password, but the password must be saved on the client or obtained on the server. Can"t I just splice the password according to the code?
2, exercise in the article, there is a code as follows. If the password key is randomly generated like this, then eventually I will log in next time. How does the client know the user"s login password
class User(object):
def __init__(self, username, password):
self.username = username
self.key = "".join([chr(random.randint(48, 122)) for i in range(20)])
self.password = hmac_md5(self.key, password)
I hope the boss can answer! "(" "") "
"