• Xandris@kbin.social
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    i was more wondering why a length limit implies anything about how they’re storing the password. once they receive the password they’re free to hash it any which way they want

    random memory—yahoo back in the day used to hash the password in the browser before sending it to the server, but TLS made that unnecessary i guess