I tried logging in on browser and I had inspected the request. My password was sent in plaintext. Is this a infosec.pub issue or a Lemmy one?
I tried logging in on browser and I had inspected the request. My password was sent in plaintext. Is this a infosec.pub issue or a Lemmy one?
Because it provides no advantage. TLS is used to secure any data sent to a server. If you don’t trust the server with your password, then you should use a unique password for this website. In fact, you should always use a unique password.
https://www.cloudflare.com/en-ca/learning/ssl/transport-layer-security-tls/
Okay. I am pretty new to this stuff so I’ll go and check out SSL/TLS. Thanks :)