Open henrychu04 opened 2 years ago
The password is not sha256 encrypted when it is sent to the server, meaning that a third party intercepting requests is able to attain the unencrypted passwords
It is a minor bug.
symxmyz233
commented
2 years ago
The password is not sha256 encrypted when it is sent to the server, meaning that a third party intercepting requests is able to attain the unencrypted passwords