The best way to handle passwords IMO, is to have the browser compute a quick hash of the password, and then the server compute the hash of that. That way the "password" that is being sent to the server is always the same length.
eu8
joined 1 year ago
Well we don't know how that website is actually storing the password. They may well be using a password hash. Also, you should use scrypt or argon over bcrypt IMO. And there should be no upper restrictions on password length. argon2 can handle hashing megabytes of data in about the same time as a short password, so there's never a need to limit the password length.
To potentially answer my own question: I believe the protocol I was looking for might have been the dat protocol which seems to have been replaced by something else.
The real problem was always a lack of alternatives imo. A "protest" can't work on the website you're literally using. What should have happened is those people all moved to another platform, but there isn't one. There isn't one canonical alternative to reddit, so they had to "protest" there.
and if we really want to keep growing then we can do so without Meta.
No we cannot. This website is barely usable. The average person doesn't want to use lemmy. They want to hear what their favorite musicians and athletes are up to. They want to use a service that has a massive user base so they can learn new things from experts in various niche fields, etc. They don't want to go to a website with 1000 people who all share the same unpopular political views.
By joining with threads, we make it easier for this average person to switch over to lemmy or mastadon. There is literally no downside to federating with them. They can't shut down smaller instances.
I don't want to give meta and instagram my phone number. Don't you want people using lemmy? Why are telling me to give my data to meta?
c/Xporn when X is not sexual. Like r/foodporn, r/earthporn, or r/animalporn.
Reddit's database was pretty poorly designed. They designed it to be really flexible so they could make changes easily early on, but it was highly inefficient. I don't know if it's still like that, but the old website's source code is public and it is very inefficient.
Take my answer with a grain of salt, but I'm pretty sure if you have a GPU you can just run the same models and it should work more efficiently for you. The only difference for you is you can run some of the larger models.
view more: next ›
It is bad programming. Specifically it is very bad security (especially setting a maximum length - that is just ridiculous). I think websites should not rely too much on passwords anyway. They should be designed under the assumption that attackers will fairly commonly get access to user passwords, and therefore not let someone do too much damage from simply being able to login to your account.