• Monument@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    13
    ·
    5 months ago

    That means those suckers are either stored plaintext or stored with decryption key that is somewhere within the server. Yeesh.

    • Tja@programming.dev
      link
      fedilink
      arrow-up
      9
      ·
      5 months ago

      “if you change it”. It might send the email before storing it as a salted hash in the DB. Unlikely, but possible.