I tried logging in on browser and I had inspected the request. My password was sent in plaintext. Is this a infosec.pub issue or a Lemmy one?
I tried logging in on browser and I had inspected the request. My password was sent in plaintext. Is this a infosec.pub issue or a Lemmy one?
The first paragraph is correct, but your second paragraph is not. A cryptographic hash function is a lossy one-way function. Knowing exactly how something was hashed does not mean you can turn the hash back into the starting value again.