amstan / hyperserv

HyperServ
hypertriangle.com

Come up with a way to make both hash methods work #23

Closed. amstan closed this 14 years ago.

amstan commented 14 years ago

Right now, hyperserv uses sha224 to store passwords in the database, and then uses a traditional transaction to check the password: passwords are sent in plaintext over the network, then hashed by the server and checked against the hash in the database. This way, if the database is compromised, the passwords are not. There is one hash for every password.

Sauerbraten does it differently: the passwords are hashed by the client with their cn info in it, therefore multiple hashes exist for the same password. They are then sent to the server, which takes a plaintext password from the database, hashes it, then compares it with the password that went through the internet. This makes it more secure when questioning the identity of the server, but it makes storing passwords securely impossible.

I need to find a way to hash the passwords that I store, while still having a way to do some more processing (shoving cn in there) and then getting a password that will match the one generated by the client.

amstan commented 14 years ago

Idea from graphitemaster: when a new password is set, generate sauer hashes for all possible cns, then store those in the database. When a password is received, compare it with all passwords in the database.

This only works if only cn is included in the hash.
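The three schemes discussed in this thread, side by side, as an added illustration (this is not code from hyperserv or Sauerbraten): the server-side sha224 record that hyperserv uses, the Sauerbraten-style check where the database holds plaintext and the server recomputes the client's cn-dependent hash, and graphitemaster's precomputation idea where one cn-dependent hash per possible cn is stored instead of the plaintext. The exact client hash format is not given on the page, so `client_hash` is an assumption (sha224 over "cn password"); `MAX_CN` and the session-id variant `client_hash_with_session` are hypothetical and exist only to show why the idea stops working once anything besides cn is mixed into the hash.

```python
import hashlib
import hmac
from typing import Dict, Iterable

# Hypothetical: assumed range of client numbers the server can hand out.
MAX_CN = 128


def server_side_record(password: str) -> str:
    """hyperserv-style storage as described in the issue: sha224 of the plaintext.
    The client sends the plaintext; only this digest sits in the database."""
    return hashlib.sha224(password.encode()).hexdigest()


def server_side_verify(record: str, password_from_wire: str) -> bool:
    """Server hashes what arrived over the network and compares to the stored digest."""
    return hmac.compare_digest(record, server_side_record(password_from_wire))


def client_hash(cn: int, password: str) -> str:
    """Stand-in for the Sauerbraten-style client hash.
    Assumption: the page only says the cn is mixed in, so this hashes 'cn password'.
    Because cn varies per connection, many digests exist for one password."""
    return hashlib.sha224(f"{cn} {password}".encode()).hexdigest()


def client_hash_with_session(cn: int, session_id: int, password: str) -> str:
    """Hypothetical variant mixing in a per-connection session id as well as the cn.
    Used only to show the limitation noted in the thread."""
    return hashlib.sha224(f"{cn} {session_id} {password}".encode()).hexdigest()


def sauer_verify_plaintext_db(stored_plaintext: str, cn: int, hash_from_wire: str) -> bool:
    """Sauerbraten-style check as described: the DB holds the plaintext password,
    the server recomputes the client's hash for this cn and compares."""
    return hmac.compare_digest(client_hash(cn, stored_plaintext), hash_from_wire)


def precomputed_records(password: str, cns: Iterable[int] = range(MAX_CN)) -> Dict[int, str]:
    """graphitemaster's idea: at password-set time, compute the client hash once per
    possible cn and store only those digests; the plaintext is never kept."""
    return {cn: client_hash(cn, password) for cn in cns}


def precomputed_verify(records: Dict[int, str], cn: int, hash_from_wire: str) -> bool:
    """Look up the stored digest for the connecting client's cn and compare.
    (The thread says 'compare with all'; indexing by cn is the same check done once.)"""
    expected = records.get(cn)
    if expected is None:
        return False
    return hmac.compare_digest(expected, hash_from_wire)


if __name__ == "__main__":
    # Constructed sample: one admin password, client connected as cn 5.
    table = precomputed_records("hunter2")
    print("stored digests:", len(table))
    print("cn-only client hash matches:", precomputed_verify(table, 5, client_hash(5, "hunter2")))
    print("hash with session id matches:",
          precomputed_verify(table, 5, client_hash_with_session(5, 4321, "hunter2")))
```

The last two lines of the demo are the crux of the "only works if only cn is included" remark: the table can be enumerated in advance only over inputs the server knows at password-set time. A value chosen per connection (the hypothetical session id here) multiplies the table by the size of that value's space, or makes precomputation impossible if the space is unbounded.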

amstan commented 14 years ago

This is a pretty long shot in making it work. It's either hash during transfer or hash at storage. I pick storage since multiple admins have access to the DB.