• shasta@lemm.ee
    link
    fedilink
    arrow-up
    1
    arrow-down
    1
    ·
    1 year ago

    None of these possibilities have any effect on their password handling security since all of that is usually handled on the frontend (on your computer).

    • frezik@midwest.social
      link
      fedilink
      arrow-up
      1
      arrow-down
      1
      ·
      1 year ago

      What? No. No matter where it happens (and it could be on either side, depending on the whims of the programmers), passwords shouldn’t be fiddled with this way. They should be passed through to the password hashing algorithm unchanged. There is no reason to ever fuck with them, and doing so will reduce security.