389
you are viewing a single comment's thread
view the rest of the comments
[-] rtxn@lemmy.world 33 points 9 months ago* (last edited 9 months ago)

Prepared statements, mostly. You define the query using variables, turn that query into a language-dependent object, assign values to those variables, then execute the statement. The values will be passed verbatim, without any parsing.

Or, since we're talking about a password, you could encode or encrypt it before inserting it into the query string. The fact that the website could be negatively affected by phrases in the cleartext password is very concerning.

[-] surewhynotlem@lemmy.world 8 points 9 months ago

At best, it means they're storing your password instead of just a salted hash. And that's horrible.

this post was submitted on 24 Jan 2024
389 points (98.5% liked)

Cybersecurity - Memes

1893 readers
1 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago
MODERATORS