@JPDev@programming.dev to Software Gore@programming.dev • 9 days agoPassword must match the followingprogramming.devimagemessage-square50fedilinkarrow-up1420arrow-down14
arrow-up1416arrow-down1imagePassword must match the followingprogramming.dev@JPDev@programming.dev to Software Gore@programming.dev • 9 days agomessage-square50fedilink
minus-squareAggressivelyPassivelinkfedilink16•9 days agoWe have a system that mails your password if you change it. It’s just for internal users, but still.
minus-square@MonumentlinkEnglish11•9 days agoThat means those suckers are either stored plaintext or stored with decryption key that is somewhere within the server. Yeesh.
minus-square@Tja@programming.devlinkfedilink9•9 days ago“if you change it”. It might send the email before storing it as a salted hash in the DB. Unlikely, but possible.
We have a system that mails your password if you change it. It’s just for internal users, but still.
That means those suckers are either stored plaintext or stored with decryption key that is somewhere within the server. Yeesh.
“if you change it”. It might send the email before storing it as a salted hash in the DB. Unlikely, but possible.