Comment on Larion Studios forum stores your passwords in unhashed plaintext.
Kilamaos@lemmy.world 9 months agoOf course. You receive the password in plain on account creation, do the process you need, and then store it hashed.
That’s fine and normal
kadu@lemmy.world 9 months ago
Vegasimov@reddthat.com 9 months ago
When you create an account you type your password in. This gets sent to the server, and then it is hashed and stored
So there is a period of time where they have your unhashed password
This is true of every website you have ever made a password on
kadu@lemmy.world 9 months ago
Vegasimov@reddthat.com 9 months ago
I’ve never even heard of the game studio I’m not defending them, I was replying to the person who said the company should never have your unhashed password, and explaining that they have to at some point in the process
dangblingus@lemmy.world 9 months ago
So why would an agent at Larian have man-in-the-middle access between the password being sent to the server, and the auto-hash?