Passwords sent as plaintext? (infosec.pub)

submitted 2 years ago by iamak@infosec.pub to c/infosecpub@infosec.pub

23 comments fedilink hide all child comments

I tried logging in on browser and I had inspected the request. My password was sent in plaintext. Is this a infosec.pub issue or a Lemmy one?

you are viewing a single comment's thread
view the rest of the comments

[-] SWW13@lemmy.brief.guru 2 points 2 years ago

That's actually a good thought though. It would prevent (clear text) password leaks from shitty / malicious websites. Having a standard for browsers to salt and hash password would have prevented a lot password leaks. On the other hand it could never be updated and we would most likely be stuck on md4 or something similarly broken.

permalink
fedilink
source
parent

this post was submitted on 18 Jul 2023

10 points (81.2% liked)

Discussions related to Infosec.pub

1280 readers

1 users here now

founded 2 years ago

MODERATORS

jerry@infosec.pub