diff options
author | Azul <azul@leap.se> | 2012-07-03 14:24:17 +0200 |
---|---|---|
committer | Azul <azul@leap.se> | 2012-07-03 14:24:17 +0200 |
commit | 7367bf009d778d96c1c40a20c055bba0596ab2b4 (patch) | |
tree | 74f2786c51d5af9adec4696a459ca485633fcdb5 /example/views | |
parent | 458975ce0e17a5d752ac99f68a23236b7f078519 (diff) |
fixed workflow and reduced copy
Diffstat (limited to 'example/views')
-rw-r--r-- | example/views/index.erb | 6 | ||||
-rw-r--r-- | example/views/layout.erb | 2 |
2 files changed, 4 insertions, 4 deletions
diff --git a/example/views/index.erb b/example/views/index.erb index 24d2501..0ff91e1 100644 --- a/example/views/index.erb +++ b/example/views/index.erb @@ -3,19 +3,19 @@ <div class="span4"> <h2>1. Signup</h2> <p> - First you signup just like normal. Your browser runs a bit of javascript and does not transfer your password but some validator based on it. + Your browser transfers an encrypted verifier based your password. But it does not send the password itself. </p> </div> <div class="span4"> <h2>2. Login</h2> <p> - Login using the same credentials. Again javascript is used to calculate a random number and a key based on it that the server then uses to validate your password. + You enter your password - your browser exchanges encrypted data with the site to check if it was the right one. </p> </div> <div class="span4"> <h2>3. Verify</h2> <p> - The server logs will tell you your password was not transmitted in clear. Never the less the server can determine wether you were authorized. + You can see from the logs that your password was not send. The login process is different each time so it can't be replayed. </p> </div> </div> diff --git a/example/views/layout.erb b/example/views/layout.erb index fc0eaf1..6b56eac 100644 --- a/example/views/layout.erb +++ b/example/views/layout.erb @@ -14,7 +14,7 @@ <div class="hero-unit span12"> <h1>Secure Remote Passwords</h1> <p> - Secure remote passwords allow you to login with a password that will be unkown to the server and anyone eavesdropping + Login with a password hidden from the server and anyone eavesdropping. </p> </div> </div> |