Larion Studios forum stores your passwords in unhashed plaintext. - eviltoast

Larion Studios forum stores your passwords in unhashed plaintext. Don’t use a password there that you’ve used anywhere else.

  • Cabrio@lemmy.worldOP
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    14
    ·
    1 year ago

    Yes, which is why they’re vulnerable to mitm and local sniffer attacks.

      • canni@lemmy.one
        link
        fedilink
        English
        arrow-up
        10
        arrow-down
        2
        ·
        1 year ago

        This guy’s a fucking clown, I’m sure he’s like 15

      • Alien Nathan Edward@lemm.ee
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Not without compromised certificates they haven’t. You can tell because if they did they’d be world famous for having destroyed any and all internet security. Then again, they’d probably already be famous for having figured out a way to salt, hash and store passwords without ever holding them in memory first like they claim to do above, so maybe someone is lying on the internet about their vague “proprietary network protocols”.

      • Cabrio@lemmy.worldOP
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        9
        ·
        1 year ago

        I haven’t looked into it but I was wondering about the logistics of setting up a federated honeypot for server side stream sniffing to build a plaintext email/password database.

    • Hawk@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      2
      ·
      1 year ago

      Man, you sound like you’re just using random words you heard in class. Clearly you have no clue how user registration actually works, let alone backend development.