client side token creation, handle display and single password retry

2019-06-29 10:49:44 +02:00
parent 79db7ddafc
commit 5651c0f04e
9 changed files with 128 additions and 61 deletions
--- a/lib/Filter.php
+++ b/lib/Filter.php
@@ -72,6 +72,7 @@ class Filter
    /**
     * fixed time string comparison operation to prevent timing attacks
     * https://crackstation.net/hashing-security.htm?=rd#slowequals
+     * can be replaced with hash_equals() after we drop PHP 5.5 support
     *
     * @access public
     * @static