Larion Studios forum stores your passwords in unhashed plaintext. Don’t use a password there that you’ve used anywhere else.

    • Vegasimov@reddthat.com
      link
      fedilink
      English
      arrow-up
      12
      arrow-down
      8
      ·
      1 year ago

      When you create an account you type your password in. This gets sent to the server, and then it is hashed and stored

      So there is a period of time where they have your unhashed password

      This is true of every website you have ever made a password on

        • Vegasimov@reddthat.com
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          2
          ·
          1 year ago

          I’ve never even heard of the game studio I’m not defending them, I was replying to the person who said the company should never have your unhashed password, and explaining that they have to at some point in the process

      • dangblingus@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        9
        ·
        1 year ago

        So why would an agent at Larian have man-in-the-middle access between the password being sent to the server, and the auto-hash?