question

Dylan Hunt avatar image
Dylan Hunt asked

Password security

With the Era of https, you no longer have to hash or encrypt passwords client side, so I can send plaintext then let the server handle it. 

How does everyone secure their passwords? Does PlayFab automatically hash passwords? That would be a godsend if that's already done since the Era of https doesn't require the client side to be hashed before sending to server. 

10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

2 Answers

·
brendan avatar image
brendan answered

Yes, we salt and hash passwords on our side. To be quite frank, there is no excuse for saving a plaintext password on a server - ever.  :)

10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Dylan Hunt avatar image
Dylan Hunt answered

You guys rock. Thanks for making my life easy ;) 

10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.