Passwords sent as plaintext? - eviltoast

I tried logging in on browser and I had inspected the request. My password was sent in plaintext. Is this a infosec.pub issue or a Lemmy one?

  • iamak@infosec.pubOP
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Oh okay makes sense thanks!

    Why would the hash be reversible? SHA256 is public and it’s not reversible