I tried logging in on browser and I had inspected the request. My password was sent in plaintext. Is this a infosec.pub issue or a Lemmy one?

  • clb92@kbin.social
    link
    fedilink
    arrow-up
    4
    ·
    1 year ago

    The first paragraph is correct, but your second paragraph is not. A cryptographic hash function is a lossy one-way function. Knowing exactly how something was hashed does not mean you can turn the hash back into the starting value again.