📌 Hello everyone,
Fdrsoft & the Station-Drivers team wish you a very happy holiday season and I take this opportunity to thank those who regularly give me donations to improve the site (Jim-B, Romain-L, Helmar-A, .... ). A big THANK YOU for your loyalty. 😉 (Fdrsoft)

--- SURVEY Are you satisfied with the S-D site? ---

Hello to all of you and thank you again for your loyalty,
Today I want to know if you are satisfied with the site since the change of the server and some touch-ups of the color and the change of the theme of the Forum.
Of course I am aware that there may still be work to do but the biggest part is done
Thank you for your answers
www.station-drivers.com/index.php/en/for...th-the-s-d-site#3618

chat Users' password are stored... in plaintext?

  • aphanic
  • aphanic аватар Автор темы
  • Не в сети
  • Poster 2
  • Poster 2
    Enregistré
  • Сообщений: 9
  • Thanks: 5

Users' password are stored... in plaintext?

1 год 6 мес. назад - 1 год 6 мес. назад
#1191
Hi, I am a new user, registered through the main site (not the forum, in case there is another registration procedure here). After filling in the details (there were no options in the language selector by the way), I got to the point of validating my account through a link in an email. The message had gone to the junk folder, no problem, but I what I saw besides the activation link worried me: it also contained my username and my password in plaintext, meaning not only it is not being salted before being sent to the server, but it is also not even encrypted.

How come? I mean, not only it is non-standard, but it need not add computation cost server-side (encryption and all would happen locally). In my case it is not a problem, my password is a random string of characters of a certain length, but it baffled me when I saw WebAuthn is supported in the site (the Web authentication button above the traditional login one), something that really not many other sites support.
Последнее редактирование: 1 год 6 мес. назад пользователем admin.

Пожалуйста Войти или Регистрация, чтобы присоединиться к беседе.

Re: Users' password are stored... in plaintext?

1 год 6 мес. назад
#1192
Hello yes weird I will see immediately otherwise if you are registered on the site you are also registered on the Forum (identical account)
thanks i will check it out 

Configuration
Asus Z790 Pro Art, Intel Cpu I7 14700K, Memoires 32Go Corsair DDR5 (6000Mhz CL30), Water-cooling Thermaright, nVidia Geforce RTX3060,  Alimentation Asus ROG 850W, Samsung SSD 990 Pro, SSD980 Pro, Clavier Roccat Vulkan , Souris Asus, Boitier NZXT H6, HP Creative SB Kratos Free Fibre 10Gb Cable CAT8/7, Switch 10/5/2.5Gbps, Casque Philips Fedelis.
Спасибо сказали: aphanic

Пожалуйста Войти или Регистрация, чтобы присоединиться к беседе.

Время создания страницы: 0.076 секунд
Работает на Kunena форум