-
Bug
-
Resolution: Done
-
Major
-
1.2.0
-
None
-
None
When you call deriveKey multiple times every time a new hashed password should be generated in the current implementation this is not the case. The problem is the use of the sjcl library is wrong and the salt is empty every time, creating the same hash every time.
see the bug when you open this fiddle in firefox:
http://jsfiddle.net/uf54M/2/