This might be a silly question but I couldn’t find this information through searching google.
I’m wondering if the lemmy platform for all instances encrypts passwords automatically, or if admin are able to view user passwords.
It’s not so silly once you consider that even big corporations often store passwords in plaintext which comes out during a hack.
Thanks for answering.
Password hashing is great, but if in attacker breaks lemmy or an instance server somehow and can modify lemmy or tinker with the front ending server config they can just steal credentials as they come in, so hashing is good, but IMO gets given more importantance than it should. I’ll take my down votes now for downplaying password hashing.
i mean, if you’re not hashing passwords, there is clearly a major problem there.
what does this even mean?
are you worried about mitm attacks? that’s a basic feature of HTTPS, and basically the reason it exists