While @nutomic@lemmy.ml and I do have a lot of issues that are going to take us a lot of time this upcoming year, its still useful for us to hear what your most desired features for Lemmy are, and prioritize them.
If they’re smaller, we could get to them fairly quickly, or others wanting to contribute could see whats most wanted.
Outside of just posting them here, make sure github issues exist for them (this is what we work from), and do a thumbs up react for all the ones you’d like. Despite being a popular project, we have very few people voting on these issues . We can then use the link above (issues sorted by most thumbs up ), to keep track.
Thanks all.
Client-side hashing doesn’t really do much. It just makes your hashed password the effective password. The only advantage it provides is some defense against password reuse because the “source” password is hard to discover. However you shouldn’t be reusing passwords anyways so that shouldn’t matter.
An actual improvement would be using something a PAKE like SRP or OPAQUE. This way the server never learns enough information to authenticate as you.
A major downside of these systems is that because they aren’t natively supported by browsers they require javascript. But that probably isn’t a major issue because IIUC all interactivity on the webui requires JS anyways.