I would say that plaintext is correct. if password "secret123" is sent to you, i... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

xarope on Jan 12, 2024 | parent | context | favorite | on: Outlook is Microsoft's new data collection service

I would say that plaintext is correct.

if password "secret123" is sent to you, it doesn't matter if it was sent via carrier pigeon, locked up in a secure briefcase and delivered by someone driving an aston martin, or via a TLS channel. It's still plaintext, because the receiver now has the actual password, and not a hash of the password.

Arnavion on Jan 12, 2024 [–]

It does matter. Transmiting it in plain text, ie unencrypted, is much worse, because it means eavesdroppers also have access to it.

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact