Larion Studios forum stores your passwords in unhashed plaintext. Don’t use a password there that you’ve used anywhere else.

  • voxel@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    15
    arrow-down
    1
    ·
    edit-2
    1 year ago

    hashing on client side is considered a bad idea and almost never done.
    you actually send your password “in plain text” every time you sign up.

    • wim@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      5
      ·
      1 year ago

      It’s not a bad idea and it is often done, just not in a browser/webapp context.

      • wim@lemmy.sdf.org
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        HMAC relies on hashing of a shared secret for verifying authenticity and integrity of a message, for example.

        • wim@lemmy.sdf.org
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          1 year ago

          Sorry, I should have included an example in my comment to clarify, but I was in a rush.

          HMAC is a widely used technique relies on hashing of a shared secret for verifying authenticity and integrity of a message, for example.