jsavoie / proof-of-work-login

A client side SHA256 hash must be calculated before allowing a login. This limits bruteforce login attacks in environments where you can't ban by IP like Hidden Services.