One day I stumbled upon a web app testing environment that used client side Javascript to perform authentication.
It was very simple to break into because it hashed the password using a very simple checksum algorithm.
I created this presentation to share my thoughts on what I found.