This thread is frustrating. Everyone seems more interested in nitpicking the specifics of what OP is saying and are ignoring that a forum sends you your password (not an automatically generated one) in an email on registration.

  • Kevin@lemmy.world
    link
    fedilink
    arrow-up
    7
    ·
    1 year ago

    But in situations like this there is a much larger chance it’s being stored in plain text.

    I suppose, but OP said in the title that the passwords were being stored in plaintext, despite that not being the case.

    • MajorHavoc@lemmy.world
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      Using “we use a reversible hash” to claim “we don’t store passwords in plain text” is the “corn syrup is not sugar” of the cybersecurity world.

      It’s technically correct, while also a bald faced lie.

      • Kevin@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        Not sure what you mean here, this is what the forum post said:

        After emailing (admittedly not current best practice), the passwords are hashed and only the hash is stored.