klausklemens

@[email protected]

This profile is from a federated server and may be incomplete. Browse more on the original instance.

YSK: Your Lemmy activities (e.g. downvotes) are far from private (i.imgur.com)

Edit: obligatory explanation (thanks mods for squaring me away)…...

klausklemens , 1 year ago

How do you know that an admin has my plain text password? Typically passwords are stored hashed. Do Lemmy instances not do this?

Reply

Report

Activity

Open original URL

Copy original URL

Copy Mbin URL

Loading...

klausklemens , 1 year ago

If the threat is an evil admin who can change the code it doesn’t matter. The admin could change the server code to store unencrypted passwords, they could change the client code to send unencrypted passwords, they could make clients post plaintext passwords whenever you login. Hashing is damage control incase someone absconds with the password database.

Reply

Report

Activity

Open original URL

Copy original URL

Copy Mbin URL

Loading...