Games

31430 readers

1310 users here now

Welcome to the largest gaming community on Lemmy! Discussion for all kinds of games. Video games, tabletop games, card games etc.

Weekly Threads:

What Are You Playing?

The Weekly Discussion Topic

Rules:

Submissions have to be related to games
No bigotry or harassment, be civil
No excessive self-promotion
Stay on-topic; no memes, funny videos, giveaways, reposts, or low-effort posts
Mark Spoilers and NSFW
No linking to piracy

More information about the community rules can be found here.

founded 1 year ago

MODERATORS

[email protected]

324

Larion Studios forum stores your passwords in unhashed plaintext. (lemmy.world)

submitted 11 months ago by [email protected] to c/[email protected]

217 comments fedilink hide all child comments

Larion Studios forum stores your passwords in unhashed plaintext. Don't use a password there that you've used anywhere else.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 51 points 11 months ago* (last edited 11 months ago) (32 children)

no, they probably dont.
they just send it to your email upon registration, which is kinda a bad idea, but they are probably storing passwords hashed afterwards.

[–] [email protected] 11 points 11 months ago (1 children)

this is still a terrible idea. the system should never know the plaintext password.

logs capture a lot even automated emails. i don't see a single reason to send the user their plaintext password and many reasons why they shouldn't

[–] [email protected] 2 points 10 months ago* (last edited 10 months ago)

passwords are usually hashed server-side tho and that's done for a reason.
if handling passwords correctly, server side hashing is way more secure then client-side. (with client side hashing, hash becomes the password...)

load more comments (30 replies)