I'm wondering whether it is even necessary to ask the user to re-enter the password. Anyway, if I decide to have the user re-enter the password, is comparing client side good enough and does it pose any security risks, or should I compare server side?
The purpose of typing the password twice is just to catch typos; it serves no security purpose. So checking it in the client should generally be sufficient. If the user disables this somehow, they're just hurting themselves, since they might submit an unintended password.
The only reason you might do it in the server as well is if you want to support users who disable JavaScript in the browser.
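A sketch of the arrangement the answer describes, added here as an example and not part of the original post: one comparison function drives the in-browser check and doubles as the server-side fallback for clients that submit without JavaScript. The function names and the form field names (`password`, `password_confirm`, `username`) are assumptions made for illustration.

```javascript
// Added example. All names below are hypothetical, not from the original post.

// Pure typo check: usable unchanged in the browser and in a Node.js handler.
function checkConfirmation(password, confirmation) {
  if (typeof password !== "string" || typeof confirmation !== "string") {
    return { ok: false, error: "Both password fields are required." };
  }
  if (password.length === 0) {
    return { ok: false, error: "Password must not be empty." };
  }
  if (password !== confirmation) {
    return { ok: false, error: "Passwords do not match." };
  }
  return { ok: true, error: null };
}

// Browser side: keep the confirmation field's validity in sync while the user
// types, so the browser's native form validation blocks a mismatched submit.
function attachClientCheck(form) {
  const password = form.elements.password;
  const confirmation = form.elements.password_confirm;
  const update = () => {
    const result = checkConfirmation(password.value, confirmation.value);
    // An empty string clears the custom error and lets the form submit.
    confirmation.setCustomValidity(result.ok ? "" : result.error);
  };
  password.addEventListener("input", update);
  confirmation.addEventListener("input", update);
}

// Server side fallback: `fields` is the already-parsed form body. A client
// with JavaScript disabled never ran attachClientCheck, so the same
// comparison is repeated here before the account is created.
function handleSignup(fields) {
  const result = checkConfirmation(fields.password, fields.password_confirm);
  if (!result.ok) {
    return { status: 400, error: result.error };
  }
  // The confirmation copy is dropped here; only `password` continues on to
  // whatever policy checks and hashing the application applies.
  return { status: 200, username: fields.username, password: fields.password };
}
```
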