Larion Studios forum stores your passwords in unhashed plaintext. Don’t use a password there that you’ve used anywhere else.

  • voxel@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    16
    ·
    edit-2
    1 year ago

    hashing on client side is considered a bad idea and almost never done.
    you actually send your password “in plain text” every time you sign up.

    • wim@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      It’s not a bad idea and it is often done, just not in a browser/webapp context.

        • wim@lemmy.sdf.org
          link
          fedilink
          English
          arrow-up
          3
          ·
          edit-2
          1 year ago

          Sorry, I should have included an example in my comment to clarify, but I was in a rush.

          HMAC is a widely used technique relies on hashing of a shared secret for verifying authenticity and integrity of a message, for example.