This might be a silly question but I couldn’t find this information through searching google.
I’m wondering if the lemmy platform for all instances encrypts passwords automatically, or if admin are able to view user passwords.
It’s not so silly once you consider that even big corporations often store passwords in plaintext which comes out during a hack.
Thanks for answering.
Checking myself because you got me curious: https://github.com/LemmyNet/lemmy/blob/main/crates/api/src/local_user/login.rs
But passwords are hashed. Specifically using bcrypt: https://en.m.wikipedia.org/wiki/Bcrypt
This is why open source is good!
None of your other accounts will be compromised because you’re using a random password stored in a password manager.
You are using a password manager?
There is no way the passwords aren’t hashed, otherwise I’m sure some responsible dev on the project would be making some noise.
Isn’t there some famous cautionary tale about everyone assuming someone else checked? Regardless, someone else in this thread checked, and passwords are hashed.