I’m working on a small multiplayer game with Kryonet that would require a login with a username and password. I’m wondering what a safe way to handle this would be.
Obviously I won’t be storing plain text passwords on the server database, most likely they will be encrypted with a salt (this article seems useful). If I let the server do the encryption it means I’m sending plain text passwords over the network. Would letting the client encrypt passwords be better? Are they any issues with this method?