Discussions related to Infosec.pub

1128 readers

1 users here now

founded 1 year ago

MODERATORS

[email protected]

Passwords sent as plaintext? (infosec.pub)

submitted 1 year ago by [email protected] to c/[email protected]

23 comments fedilink hide all child comments

I tried logging in on browser and I had inspected the request. My password was sent in plaintext. Is this a infosec.pub issue or a Lemmy one?

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 2 points 1 year ago

That's actually a good thought though. It would prevent (clear text) password leaks from shitty / malicious websites. Having a standard for browsers to salt and hash password would have prevented a lot password leaks. On the other hand it could never be updated and we would most likely be stuck on md4 or something similarly broken.

permalink
fedilink
source
parent