Comment on Larion Studios forum stores your passwords in unhashed plaintext.
Miclux@lemmings.world 8 months agoShow me where the proof is that they STORE it plain text. This is just a screen of a mail after creating an account.
Comment on Larion Studios forum stores your passwords in unhashed plaintext.
Miclux@lemmings.world 8 months agoShow me where the proof is that they STORE it plain text. This is just a screen of a mail after creating an account.
Cabrio@lemmy.world 8 months ago
They can’t send it if they haven’t stored it, that’s the proof. Whether temporary or not it’s a weakness and attack vector for obtaining unhashed passwords. And if they stored it, it should be immediately hashed.
rikudou@lemmings.world 8 months ago
That… is not how it works. It is usually hashed and at the same time an email is sent. Meaning it’s not stored plaintext in any storage.
redcalcium@lemmy.institute 8 months ago
Plenty of website did this… more than a decade ago, and even then plenty of security conscious people writing blogs and posting on social media begging devs to stop doing this.
Cabrio@lemmy.world 8 months ago
You’ll forgive me for not trusting anyone who can tell me my password that isn’t me.
Miclux@lemmings.world 8 months ago
That’s a totally different statement than that in your post.
Miclux@lemmings.world 8 months ago
It’s so sad that you spread misinformation based on your inadequate knowledge.
Cabrio@lemmy.world 8 months ago
Lmao
vox@sopuli.xyz 8 months ago
they can send it without storing. In fact a lot of websites (mostly small forums) send your password to your email before storing it.