this post was submitted on 03 Aug 2023
4513 points (99.1% liked)

Fediverse

28528 readers
228 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).

If you wanted to get help with moderating your own community then head over to [email protected]!

Rules

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy

founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 4 points 1 year ago

The client doesn't store passwords at all, but the client does store your token in localStorage (it's necessary so that we can make authenticated requests). The only way your account could get hacked is if they gain access to your browser and look through localStorage. If they have access to your computer, you have other problems though. If they do gain access, you can invalidate the JWT by changing your password.