OPAQUE  "Disappear password traffic!" DEMO
 

Server


OPAQUE login has two steps:

  1. Initiation (</> auth_init)

    The client requests the envelope stored during registration to the server. Both participants collaborate to generate the key that allows the client to unseal the envelope.


  2. Finalization (</> auth_finish)

    The client opens the envelope and extracts the keypair that is used in an authenticated key exchange protocol. Thus, the client proves its authenticity to the server.


... now:

Client

(for </> use right-click "View Source")

Login

Enter user credentials :


👁
(Watch network traffic to see that your password never leaves your device.)