CamelCase

joined 1 year ago
sorted by: new top controversial old
YSK: Your Lemmy activities (e.g. downvotes) are far from private in c/youshouldknow@lemmy.world
[–] CamelCase@lemm.ee 6 points 1 year ago* (last edited 1 year ago) (1 children)

I didn't look at Lemmy's source but I'm pretty sure it is hashed. The thing is, password is hashed in the database only to protect users in case database gets hacked. But a bad admin of the server can always just change the code and nobody would know. When it comes to websites, open source doesn't provide any additional security, since everything that happens on the server is a black box. I'm not an expert on this though. Correct me if I'm wrong

YSK: Your Lemmy activities (e.g. downvotes) are far from private in c/youshouldknow@lemmy.world
[–] CamelCase@lemm.ee 31 points 1 year ago* (last edited 1 year ago) (25 children)

It's not just upvotes and downvotes. Instance admin also knows your email and can store your password in plaintext if they want to. It's up to user to decide whether to trust the instance admin

view more: ‹ prev next ›