Comment on Larion Studios forum stores your passwords in unhashed plaintext.
Miclux@lemmings.world 2 years ago
what a stupid comment
Show me where the proof is that they STORE it plain text. This is just a screen of a mail after creating an account.
They can’t send it if they haven’t stored it, that’s the proof. Whether temporary or not it’s a weakness and attack vector for obtaining unhashed passwords. And if they stored it, it should be immediately hashed.
That… is not how it works. It is usually hashed and at the same time an email is sent. Meaning it’s not stored plaintext in any storage.
It’s so sad that you spread misinformation based on your inadequate knowledge.
they can send it without storing. In fact a lot of websites (mostly small forums) send your password to your email before storing it.
lwuy9v5@lemmy.world 2 years ago
what a stupid comment
Miclux@lemmings.world 2 years ago
Show me where the proof is that they STORE it plain text. This is just a screen of a mail after creating an account.
Cabrio@lemmy.world 2 years ago
They can’t send it if they haven’t stored it, that’s the proof. Whether temporary or not it’s a weakness and attack vector for obtaining unhashed passwords. And if they stored it, it should be immediately hashed.
rikudou@lemmings.world 2 years ago
That… is not how it works. It is usually hashed and at the same time an email is sent. Meaning it’s not stored plaintext in any storage.
Miclux@lemmings.world 2 years ago
It’s so sad that you spread misinformation based on your inadequate knowledge.
vox@sopuli.xyz 2 years ago
they can send it without storing. In fact a lot of websites (mostly small forums) send your password to your email before storing it.