Larion Studios forum stores your passwords in unhashed plaintext. Don’t use a password there that you’ve used anywhere else.

  • @[email protected]
    link
    fedilink
    English
    111 year ago

    this is still a terrible idea. the system should never know the plaintext password.

    logs capture a lot even automated emails. i don’t see a single reason to send the user their plaintext password and many reasons why they shouldn’t

    • voxel
      link
      fedilink
      English
      2
      edit-2
      1 year ago

      passwords are usually hashed server-side tho and that’s done for a reason.
      if handling passwords correctly, server side hashing is way more secure then client-side. (with client side hashing, hash becomes the password…)