305
submitted 1 year ago by Cabrio@lemmy.world to c/games@lemmy.world

Larion Studios forum stores your passwords in unhashed plaintext. Don't use a password there that you've used anywhere else.

you are viewing a single comment's thread
view the rest of the comments
[-] darkkite@lemmy.ml 11 points 1 year ago

this is still a terrible idea. the system should never know the plaintext password.

logs capture a lot even automated emails. i don't see a single reason to send the user their plaintext password and many reasons why they shouldn't

[-] vox@sopuli.xyz 2 points 1 year ago* (last edited 1 year ago)

passwords are usually hashed server-side tho and that's done for a reason.
if handling passwords correctly, server side hashing is way more secure then client-side. (with client side hashing, hash becomes the password...)

this post was submitted on 28 Sep 2023
305 points (75.0% liked)

Games

32283 readers
962 users here now

Welcome to the largest gaming community on Lemmy! Discussion for all kinds of games. Video games, tabletop games, card games etc.

Weekly Threads:

What Are You Playing?

The Weekly Discussion Topic

Rules:

  1. Submissions have to be related to games

  2. No bigotry or harassment, be civil

  3. No excessive self-promotion

  4. Stay on-topic; no memes, funny videos, giveaways, reposts, or low-effort posts

  5. Mark Spoilers and NSFW

  6. No linking to piracy

More information about the community rules can be found here.

founded 1 year ago
MODERATORS