384

Your password must also not contain the following character combinations: script, select, insert, update, delete, drop, --, ', /*, */. (lemmy.world)

submitted 6 months ago by ABasilPlant@lemmy.world to c/cybersecuritymemes@lemmy.world

59 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[-] rtxn@lemmy.world 33 points 6 months ago* (last edited 6 months ago)

Prepared statements, mostly. You define the query using variables, turn that query into a language-dependent object, assign values to those variables, then execute the statement. The values will be passed verbatim, without any parsing.

Or, since we're talking about a password, you could encode or encrypt it before inserting it into the query string. The fact that the website could be negatively affected by phrases in the cleartext password is very concerning.

[-] surewhynotlem@lemmy.world 8 points 6 months ago

At best, it means they're storing your password instead of just a salted hash. And that's horrible.

this post was submitted on 24 Jan 2024

384 points (98.5% liked)

Cybersecurity - Memes

1668 readers

495 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago

MODERATORS

Sam1232188@lemmy.world

neurohost@lemmy.world

Sam1232188@lemmy.fmhy.ml

Alphadef@programming.dev

CannaVet@lemmy.world