justcheckin99@lemmy.world to

Lemmy.world Support@lemmy.worldEnglish · 1 year ago

Does lemmy backend encrypt passwords?

9

13

Does lemmy backend encrypt passwords?

justcheckin99@lemmy.world to

Lemmy.world Support@lemmy.worldEnglish · 1 year ago

9

This might be a silly question but I couldn’t find this information through searching google.

I’m wondering if the lemmy platform for all instances encrypts passwords automatically, or if admin are able to view user passwords.

It’s not so silly once you consider that even big corporations often store passwords in plaintext which comes out during a hack.

Thanks for answering.

Chat

marsara9@lemmy.world
link
fedilink
English
arrow-up
31·
1 year ago
Checking myself because you got me curious: https://github.com/LemmyNet/lemmy/blob/main/crates/api/src/local_user/login.rs

But passwords are hashed. Specifically using bcrypt: https://en.m.wikipedia.org/wiki/Bcrypt
- CylonBunny@lemmy.world
  link
  fedilink
  English
  arrow-up
  14·
  1 year ago
  This is why open source is good!

Lemmy.world Support@lemmy.world

support@lemmy.world

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !support@lemmy.world

Lemmy.world Support

Welcome to the official Lemmy.world Support community! Post your issues or questions about Lemmy.world here.

This community is for issues related to the Lemmy World instance only. For Lemmy software requests or bug reports, please go to the Lemmy github page.

This community is subject to the rules defined here for lemmy.world.

To open a support ticket

Follow us for server news 🐘

Outages 🔥

https://status.lemmy.world

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

23 users / day
154 users / week
295 users / month
1.95K users / 6 months
152 local subscribers
3.16K subscribers
943 Posts
6.07K Comments
Modlog