338
Warning: New Outlook sends passwords, mails and other data to Microsoft | mailbox.org (mailbox.org)
submitted 7 months ago by bbbhltz@beehaw.org to c/technology@beehaw.org
65 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[-] vox@sopuli.xyz 8 points 7 months ago

nope hashing is usually done server-side.
also counter-intuitively server-side hashing is considered more secure than client side (in case of client side hashing hash becomes the password)

[-] SexualPolytope@lemmy.sdf.org 3 points 7 months ago

I'm not an expert in this, and I did look around after reading your comment. Looks like the password is usually sent as-is, then hashed server side, and matched against hashes in the database. So, the hashes are what's stored in their database. So, ideally, the server shouldn't know your password. Also, it can be hashed from client side too, but that becomes redundant since everything is tls encrypted anyway.

this post was submitted on 10 Nov 2023
338 points (100.0% liked)

Technology

37208 readers
115 users here now

Rumors, happenings, and innovations in the technology sphere. If it's technological news or discussion of technology, it probably belongs here.

Subcommunities on Beehaw:

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
alyaza@beehaw.org
TheRtRevKaiser@beehaw.org
gyrfalcon@beehaw.org
rs5th@beehaw.org
coldredlight@beehaw.org
Los@beehaw.org
SemioticStandard@beehaw.org
TheRtRevKaiser@kbin.social
remington@beehaw.org