Password logins can be made much safer without any extra user effort. OPAQUE is a modern protocol that better protects your secrets, which is currently being standardised in the IRTF. In this demo you can register an account by picking a name and a password. Then try to log in. Go ahead, use a wrong password. The server never sees your actual password, this is derived in a safe way through an aPAKE. With each step, you will see a log of what calculations the client does and communicates with the server.
This project was funded through the NGI0 PET Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 825310.