Increased Client-Server Security
Increased server security:
- Only password hashes are carried across the network, not the passwords themselves
- Login now occurs via a challenge-and-response mechanism, so that a captured copy
of a previous successful login cannot be used to log in
- Encrypted password storage
- Implemented SSL transport security with either self-signed or trusted certificates
