Living Room-Ba. Guess which room the charging base is in
Have you reached out to your ISP to see if they can give you a dynamic public IP? I recently swapped to a new ISP that was using CGNAT but after contacting their support team with my use case, they were happy to set me up with a public IP so I could continue my self-hosting.
Full-stack dev here, not necessarily in answer to OP’s question, but in my experience it is a pretty standard practice that when you log in to a service, the web page sends your unhashed creds to the server, where your password is then hashed and compared to the stored hash. Via HTTPS/TLS/SSL, this is a reasonably secure practice since the creds are still encrypted while in transport. Hashing is a computationally expensive process that (before the advent of WASM) wasn’t really feasible to do on the client side.
I don’t have a mustache, so maybe?