Message from RedSunRises in NSL #general
But fashbook may be the best tool we got
its like our personal iron march
https://www.fashbook.biz/ @everyone you are required to have a fashbook account
Why did it send me my password in an email after I signed up
Websites shouldn’t store passwords in plain text
This website is not close to being done.
But it’s something, I like it
It looks good so far, just triggered my autism lol
the low popularity of it will keep us low enough for now
it can be fixed as we go
but it must be fixed at some point
Well 42 Membera as we stand now
basically nonexistant in web map
I am doing some testing on it.
Sending an email with the text that was entered into a form field doesn’t necessarily mean that it’s storing the passwords unencrypted, but it isn’t that comforting lol. The important thing is that if I forget my password, the website should not have the capability of telling me what it is, because it should only know my hashed, encrypted password
@johnolithicsoftware get on I found a big problem that allows me to login in under anyones account thanks
It's not unencrypted. The website has SSL
So it's not unencrypted
it gets encrypted when it goes through the website
It allows you to log in under anyone's name?
John hop on vc
Welcome to BetaTesting
I made that
that is fucking worrying
It for us to post any problems we find.
Okay I'm on VC
Also, as a word of advice, verify someone’s email before reminding them what their username and password are. You don’t have to remind them anyways, but at least make sure they didn’t mistype their email first lol
Yeah I wanted to make it convenient.
The best security procedures are really inconvenient
I’m not trying to be an asshole or anything, I’m not exactly a security expert, this one thing is about all I know. That, and sanitize your PHP inputs lol
sanitize the PHP inputs?