After this announcement, I am planning to reject meetings organised in zoom. But the problem is that it’s really good. So, is there any privacy friendly and viable alternatives to zoom? It does not have to be open source because I nearly tried all alternatives. Your experiences?
Tutanota first use the user password to generate an AES key using BCrypt, that AES key is then used to encrypt the private key. The encrypted private key and hashed AES key is then sent to the server, hence the server does not store nor know the private key and the hashed AES key is used to authenticate the user. It uses SHA256 for hashing, it’s safe because the hashing algorithm is one way only and not reversible, meaning you can’t convert the hash to the password but only the other way around the password can generate the hash, so even the server is compromised it doesn’t gain access to your password.