Sending your password right after you created it might not be best practice, but it doesn’t mean it’s stored unhashed in the database. It looks like they’re using a third party forum software, so it should be pretty straightforward to figure out whether they do or not.
Yeah, I was looking it up, and when I saw they’ve been selling this forum software since 1997 I was less confident about passwords being hashed. They address it in their forums and they’re making it clear that the passwords are actually hashed, and they’re looking at migrating to other solutions regardless.
Sending your password right after you created it might not be best practice, but it doesn’t mean it’s stored unhashed in the database. It looks like they’re using a third party forum software, so it should be pretty straightforward to figure out whether they do or not.
Looks like they address it here: https://forums.larian.com/ubbthreads.php?ubb=showflat&Number=669268#Post669268
Not really since it’s closed-source: https://www.ubbcentral.com/
But they seem to have been in business since 1997, so I highly doubt that they’d fuck up the “never store passwords in plain text” rule.
Yeah, I was looking it up, and when I saw they’ve been selling this forum software since 1997 I was less confident about passwords being hashed. They address it in their forums and they’re making it clear that the passwords are actually hashed, and they’re looking at migrating to other solutions regardless.
That thread is from 2020, where they said they fixed the password send issue.
Op, how old is ths image above?
Image was taken immediately before posting. The issue, apparently, has since shown up again.