I thank enormously those who participate in the emancipation of S-D by offering one therefore because the old server no longer allows to receive as many people the option being either I stop or I continue on a much more powerful server to continue sharing my passion with you all. Thank you for your loyalty (Fdrsoft)

A big thank you to 😉: Filippo-F, Ansley-B, Thierry-L, Jesus-F, Petr-H, Dionysios-S, Andreas-M, Amrit-L, Adrianus-L, Yunlun - T, Marlon-B, Xavier-M, Huang-X, Benjamin-W, Robert-H, Batiste-B, Helmar-A, Rainer-S, Arthur-K, Jesus-Javier-Ateca-F, Dirk-de - K, Andreas-R, ... for their donations 👍(New donor)

Information ! Hello everyone, Station-Drivers will change servers at the end of July for a more powerful and faster server, thus avoiding the slowdowns you are experiencing. The site may be inaccessible 24 hours during the transition, always sorry for the inconvenience caused. (J-5)

chat Loved Users' password are stored... in plaintext?

Users' password are stored... in plaintext? was created by aphanic

Posted 1 year 1 month ago #1191
Hi, I am a new user, registered through the main site (not the forum, in case there is another registration procedure here). After filling in the details (there were no options in the language selector by the way), I got to the point of validating my account through a link in an email. The message had gone to the junk folder, no problem, but I what I saw besides the activation link worried me: it also contained my username and my password in plaintext, meaning not only it is not being salted before being sent to the server, but it is also not even encrypted.

How come? I mean, not only it is non-standard, but it need not add computation cost server-side (encryption and all would happen locally). In my case it is not a problem, my password is a random string of characters of a certain length, but it baffled me when I saw WebAuthn is supported in the site (the Web authentication button above the traditional login one), something that really not many other sites support.
Last Edit:1 year 1 month ago by aphanic
Last edit: 1 year 1 month ago by admin.

Please Log in or Create an account to join the conversation.

Replied by admin on topic Users' password are stored... in plaintext?

Posted 1 year 1 month ago #1192
Hello yes weird I will see immediately otherwise if you are registered on the site you are also registered on the Forum (identical account)
thanks i will check it out 

Asus Z790 Pro Art, Intel Cpu I7 14700K, Memoires 32Go Corsair DDR5 (6000Mhz CL30), Water-cooling Thermaright, nVidia Geforce RTX3060,  Alimentation Asus ROG 850W, Samsung SSD 990 Pro, SSD980 Pro, Clavier Roccat Vulkan , Souris Asus, Boitier NZXT H6, HP Creative SB Kratos Free Fibre 10Gb Cable CAT8/7, Switch 10/5/2.5Gbps, Casque Philips Fedelis.

by admin
The following user(s) said Thank You: aphanic

Please Log in or Create an account to join the conversation.

Time to create page: 0.920 seconds
Powered by Kunena Forum