this post was submitted on 28 Sep 2023
323 points (75.7% liked)

Games

32910 readers
1419 users here now

Welcome to the largest gaming community on Lemmy! Discussion for all kinds of games. Video games, tabletop games, card games etc.

Weekly Threads:

What Are You Playing?

The Weekly Discussion Topic

Rules:

  1. Submissions have to be related to games

  2. No bigotry or harassment, be civil

  3. No excessive self-promotion

  4. Stay on-topic; no memes, funny videos, giveaways, reposts, or low-effort posts

  5. Mark Spoilers and NSFW

  6. No linking to piracy

More information about the community rules can be found here.

founded 2 years ago
MODERATORS
 

Larion Studios forum stores your passwords in unhashed plaintext. Don't use a password there that you've used anywhere else.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 48 points 1 year ago* (last edited 1 year ago) (1 children)

Sending your password right after you created it might not be best practice, but it doesn't mean it's stored unhashed in the database. It looks like they're using a third party forum software, so it should be pretty straightforward to figure out whether they do or not.

Looks like they address it here: https://forums.larian.com/ubbthreads.php?ubb=showflat&Number=669268#Post669268

[–] AlmightySnoo 13 points 1 year ago (1 children)

it should be pretty straightforward to figure out whether they do or not

Not really since it's closed-source: https://www.ubbcentral.com/

But they seem to have been in business since 1997, so I highly doubt that they'd fuck up the "never store passwords in plain text" rule.

[–] [email protected] 11 points 1 year ago (1 children)

Yeah, I was looking it up, and when I saw they've been selling this forum software since 1997 I was less confident about passwords being hashed. They address it in their forums and they're making it clear that the passwords are actually hashed, and they're looking at migrating to other solutions regardless.

[–] [email protected] 9 points 1 year ago (1 children)

That thread is from 2020, where they said they fixed the password send issue.

Op, how old is ths image above?

[–] Cabrio 1 points 1 year ago* (last edited 1 year ago)

Image was taken immediately before posting. The issue, apparently, has since shown up again.