305
submitted 1 year ago by Cabrio@lemmy.world to c/games@lemmy.world

Larion Studios forum stores your passwords in unhashed plaintext. Don't use a password there that you've used anywhere else.

you are viewing a single comment's thread
view the rest of the comments
[-] jonne@infosec.pub 48 points 1 year ago* (last edited 1 year ago)

Sending your password right after you created it might not be best practice, but it doesn't mean it's stored unhashed in the database. It looks like they're using a third party forum software, so it should be pretty straightforward to figure out whether they do or not.

Looks like they address it here: https://forums.larian.com/ubbthreads.php?ubb=showflat&Number=669268#Post669268

[-] AlmightySnoo@lemmy.world 11 points 1 year ago

it should be pretty straightforward to figure out whether they do or not

Not really since it's closed-source: https://www.ubbcentral.com/

But they seem to have been in business since 1997, so I highly doubt that they'd fuck up the "never store passwords in plain text" rule.

[-] jonne@infosec.pub 11 points 1 year ago

Yeah, I was looking it up, and when I saw they've been selling this forum software since 1997 I was less confident about passwords being hashed. They address it in their forums and they're making it clear that the passwords are actually hashed, and they're looking at migrating to other solutions regardless.

[-] mosiacmango@lemm.ee 9 points 1 year ago

That thread is from 2020, where they said they fixed the password send issue.

Op, how old is ths image above?

[-] Cabrio@lemmy.world 1 points 1 year ago* (last edited 1 year ago)

Image was taken immediately before posting. The issue, apparently, has since shown up again.

this post was submitted on 28 Sep 2023
305 points (75.0% liked)

Games

32681 readers
1017 users here now

Welcome to the largest gaming community on Lemmy! Discussion for all kinds of games. Video games, tabletop games, card games etc.

Weekly Threads:

What Are You Playing?

The Weekly Discussion Topic

Rules:

  1. Submissions have to be related to games

  2. No bigotry or harassment, be civil

  3. No excessive self-promotion

  4. Stay on-topic; no memes, funny videos, giveaways, reposts, or low-effort posts

  5. Mark Spoilers and NSFW

  6. No linking to piracy

More information about the community rules can be found here.

founded 1 year ago
MODERATORS