this post was submitted on 28 Sep 2023

323 points (75.7% liked)

Games

31801 readers

1095 users here now

Welcome to the largest gaming community on Lemmy! Discussion for all kinds of games. Video games, tabletop games, card games etc.

Weekly Threads:

What Are You Playing?

The Weekly Discussion Topic

Rules:

Submissions have to be related to games
No bigotry or harassment, be civil
No excessive self-promotion
Stay on-topic; no memes, funny videos, giveaways, reposts, or low-effort posts
Mark Spoilers and NSFW
No linking to piracy

More information about the community rules can be found here.

founded 1 year ago

MODERATORS

quinten@lemmy.world

TheSpookiestUser@lemmy.world

shitpostpolice@lemmy.world

Dremor@lemmy.world

323

Larion Studios forum stores your passwords in unhashed plaintext. (lemmy.world)

submitted 11 months ago by Cabrio@lemmy.world to c/games@lemmy.world

217 comments fedilink hide all child comments

Larion Studios forum stores your passwords in unhashed plaintext. Don't use a password there that you've used anywhere else.

you are viewing a single comment's thread
view the rest of the comments

[–] JackbyDev@programming.dev 31 points 11 months ago (3 children)

Encrypted passwords are still an unacceptable way to store passwords. They should be hashed.

[–] Cloodge@lemmy.world 15 points 11 months ago (1 children)

(and salted before hashing.)

[–] Dicska@lemmy.world 11 points 11 months ago (1 children)

And marinated in butter milk.

[–] Cloodge@lemmy.world 2 points 11 months ago

Peppered if you're feeling extra

[–] Michal@programming.dev 8 points 11 months ago (1 children)

Just because they send out the password does not mean it's not hashed. They could send the email before hashing.

[–] JackbyDev@programming.dev 5 points 11 months ago

You're correct and after reading more of the thread I saw OP say this was sent immediately after registering. I don't have reason to believe it is stirred in plaintext unless they're storing s copy of every email they send.