fixed workflow and reduced copy

author: Azul <azul@leap.se> 2012-07-03 14:24:17 +0200
committer: Azul <azul@leap.se> 2012-07-03 14:24:17 +0200
commit: 7367bf009d778d96c1c40a20c055bba0596ab2b4 (patch)
tree: 74f2786c51d5af9adec4696a459ca485633fcdb5 /example/views/index.erb
parent: 458975ce0e17a5d752ac99f68a23236b7f078519 (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/example/views/index.erb b/example/views/index.erb
index 24d2501..0ff91e1 100644
--- a/example/views/index.erb
+++ b/example/views/index.erb
@@ -3,19 +3,19 @@
   <div class="span4">
     <h2>1. Signup</h2>
     <p>
-    First you signup just like normal. Your browser runs a bit of javascript and does not transfer your password but some validator based on it.
+    Your browser transfers an encrypted verifier based your password. But it does not send the password itself.
     </p>
   </div>
   <div class="span4">
     <h2>2. Login</h2>
     <p>
-    Login using the same credentials. Again javascript is used to calculate a random number and a key based on it that the server then uses to validate your password.
+    You enter your password - your browser exchanges encrypted data with the site to check if it was the right one.
     </p>
   </div>
   <div class="span4">
     <h2>3. Verify</h2>
     <p>
-    The server logs will tell you your password was not transmitted in clear. Never the less the server can determine wether you were authorized.
+    You can see from the logs that your password was not send. The login process is different each time so it can't be replayed.
     </p>
   </div>
 </div>
author	Azul <azul@leap.se>	2012-07-03 14:24:17 +0200
committer	Azul <azul@leap.se>	2012-07-03 14:24:17 +0200
commit	7367bf009d778d96c1c40a20c055bba0596ab2b4 (patch)
tree	74f2786c51d5af9adec4696a459ca485633fcdb5 /example/views/index.erb
parent	458975ce0e17a5d752ac99f68a23236b7f078519 (diff)