this post was submitted on 24 Jan 2024
5 points (100.0% liked)

Cybersecurity - Memes

1975 readers
1 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
5
Your password must also not contain the following character combinations: script, select, insert, update, delete, drop, --, ', /*, */. (lemmy.world)
submitted 9 months ago by [email protected] to c/[email protected]
38 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 0 points 9 months ago (2 children)

So they’re not hashing or salting the passwords too. Cool…

[–] [email protected] 0 points 9 months ago (1 children)

Which makes me want to try and insert a password of a few megabytes worth of text. Should be fine, since there is no max lenght defined, right?

[–] [email protected] 0 points 9 months ago

If there is no overwrought prohibition of something I know that at least in America that means it’s

  1. Affirmatively legal and
  2. Legislatively encouraged by the FREEE Act

So give ’em hell!

[–] [email protected] 0 points 9 months ago (1 children)

They might be doing it in the DB query, but they’re definitely not sanitized beforehand.

[–] [email protected] 0 points 9 months ago

Sanitization has nothing to do with salting and hashing.