tonkatwuck

joined 1 year ago
[–] tonkatwuck@lemmynsfw.com -2 points 9 months ago (1 children)

You mentioned "keyword", are you aware of the search feature in discord?

[–] tonkatwuck@lemmynsfw.com 0 points 1 year ago (1 children)

I'm just explaining how user authentication works for most web applications. The server will process your plaintext password when your account is created. It should then store that as a hashed string, but it can ALSO send out an email with that plaintext password to the user describing their account creation. This post does not identify that passwords are stored in plaintext, it just identifies that they email plaintext passwords which is poor security practice.

[–] tonkatwuck@lemmynsfw.com 2 points 1 year ago (3 children)

It's possible that this email is a result of forum user creation, so during that submission the plaintext password was available to send to the user. Then it would be hashed and stored.