Larion Studios forum stores your passwords in unhashed plaintext. Don’t use a password there that you’ve used anywhere else.

  • @Kilamaos@lemmy.world
    link
    fedilink
    English
    31 year ago

    Of course. You receive the password in plain on account creation, do the process you need, and then store it hashed.

    That’s fine and normal

      • @Vegasimov@reddthat.com
        link
        fedilink
        English
        51 year ago

        When you create an account you type your password in. This gets sent to the server, and then it is hashed and stored

        So there is a period of time where they have your unhashed password

        This is true of every website you have ever made a password on

          • @Vegasimov@reddthat.com
            link
            fedilink
            English
            -11 year ago

            I’ve never even heard of the game studio I’m not defending them, I was replying to the person who said the company should never have your unhashed password, and explaining that they have to at some point in the process

        • @dangblingus@lemmy.world
          link
          fedilink
          English
          -71 year ago

          So why would an agent at Larian have man-in-the-middle access between the password being sent to the server, and the auto-hash?