>accidentally entered password for website x on website y
>>62253930
>being this autistic
Passwords are hashed when sent. Even if they wanted to, they can't get your password
>>62254033
>Passwords are hashed when sent
says who? internet police?
on several occasions i've signed up for sites and had them send me a confirmation email containing my password in plain text.
>>62253930
>accidently enter password in username box
>>62254033
this isn't the issue, the issue is if they store your hashed attempts and don't salt
>>62254062
That's because they're shit sites. Any site that has devs that have brains will implement this technique. It's 2017 ffs
>>62254185
if web devs had brains they wouldn't be doing web dev
>>62254090
>accidentally enter "usernamepassword" as username
>use pass
> >>62253930 >>62254090 >>62254285 can never happen
gee that was hard
>>62254033
>unhash password
>get fucked
>>62254339
> i'm a retard: the post
Too late kid, your computer is already turned into a bomb
>>62254033
>Passwords are hashed when sent.
No they're not.
>Even if they wanted to, they can't get your password
Yes I can.
>command required to supply password as parameter.
>it is now forever stored in the shell log.
why?
>>62254062
The old site for my uni accomodation did this and the "change password" page was just a text box with your existing password already in it
>all those retarded niggers replying to greentexts
>>62253930
Worse, you have entered your password in the logon field; everyone can see it.
>>62254743
do you know what xarg is?
>>62254033
A company I did some consulting with a few years ago saved every failed login attempt to a database table. Which in and of it self isn't bad. Except for the fact that they also stored the 'bad_password' in plaintext.
>>62254062
Retard.
That's because you used "Forgot Password".
You're supposed to change it RIGHT AWAY. Then they will have a hash.