non-biased-news @non-biased-news

All tokens/passwords are now encrypted on Sparklabs!

That means that I had to wipe the DB, so please remake your account!

As before, first 10 people to join get verified!

Sorry about the static links for now, I need to learn my templating engine to make it better.

https://sparklabs.amorogos.repl.co/static/join.html

https://sparklabs.amorogos.repl.co/static/login.html

Oct 18, 2022, 5:20 PM
45
View all

comments

Highlighted comment

Please don’t just encrypt your db, it does not guarantee security, good access control is better than just having it public and encrypted. Please use something like MongoDB Atlas (free 512MB cluster, no payment details required) or use some other sort of database on a self hosted server.

also, isn’t sha256 actually very insecure

idk, i need to salt them

You need to use a more secure algorithm like bcrypt, scrypt, or argon2

after I make some other stuff

sha256 is very insecure for passwords because it is way too fast, it can be brute forced pretty easily

oh, okay. I didn’t know that. Now I know, and knowing is half the battle.

nah, gonna use the server my dad owns