Let’s talk about PAKE
https://blog.cryptographyengineering.com/2018/10/19/lets-talk-about-pake/ [blog.cryptographyengineering.com]
2018-10-24 03:13
Now, the login problem doesn’t negate the advantage of password hashing in any way. But it does demand a better solution: one where the user’s password never has to go to the server in cleartext. The cryptographic tool that can give this to us is PAKE, and in particular a new protocol called OPAQUE, which I’ll get to at the end of this post.
source: green