Server Generated Key for this Session:  YEwtjPmG1bHrWwkim5aD

SHA1 sum on the word 'password':        5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8

Concatenated string for authentication: YEwtjPmG1bHrWwkim5aD5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8

Type in the word 'password' and click Submit. The following will happen in the background:

1. Your browser performs a sha1 sum on your entry
2. Your browser combines the result of the sha1 sum with the server's generated key to form a concatenated string like above
3. Your browser performs another sha1 sum on the concatenated string
4. Your browser sends this final result to the server using an XMLHttpRequest
5. The server compares the string it received against its own calculations