Okay, this post is security related, but doesn't really deal with the security APIs.
My point of view is that by hashing on the client side, the unencrypted password is never passed across the network. This protects the password from network snooping (which probably protects other applications: people reuse passwords).
One of my more senior coders feels that we are making the application LESS secure by hashing the password on the client side. The hypothetical man-in-the-middle attacker would get the already-hashed password, which they could then feed directly to the server. If the unencrypted password is passed, he thinks, it's safer because the attacker is unlikely to know the salt that is used with SHA-256 to hash the password. Also, using HTTPS would encrypt the password anyways.
He makes a good argument, but now I have this question: is there any value to hashing the password on the client side?
Joined: Sep 12, 2004
In your situation where the traffic is encrypted by the underlying SSL, hashing the passwords on client does not add much value. Assuming that you were not using SSL, then you required more than just hashing as replay attacks or MITM attacks could be mounted and alot more.
But there are situations where the attack can mounted even before the SSL takes over; at the application layer.e.g. Keyloggers or in some situation you have to record data for compliance reasons but have to mask some part of it(more applicable to client-server environment) etc . In such situation at the very application level you need to hash/encrypt the passwords and then pass it on. you can see such an example at : (visit http://www.sabb.com/PIB3Demo/en_demo.htm
Joined: Aug 10, 2006
Also, you can always hash the password twice (or more), once on the client side and again on the server side, perhaps giving you all the benefits of each. Most password-based schemes incorporate an iteration count of how many time the password goes through the hash function. Along with a salt, this can add additional protection for passwords. See for example PKCS#5 or the the 802.11 WPA2 specs.
If the traffic is protected by SSL, there is no gain to be had in client-side hashing, so it's just a waste of resources. In an unencrypted stream, it will just tell middle-men what the hashed version is.