Cybersecurity - Memes

1876 readers

201 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago

MODERATORS

[email protected]

387

Your password must also not contain the following character combinations: script, select, insert, update, delete, drop, --, ', /*, */. (lemmy.world)

submitted 7 months ago by [email protected] to c/[email protected]

59 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 33 points 7 months ago* (last edited 7 months ago) (1 children)

Prepared statements, mostly. You define the query using variables, turn that query into a language-dependent object, assign values to those variables, then execute the statement. The values will be passed verbatim, without any parsing.

Or, since we're talking about a password, you could encode or encrypt it before inserting it into the query string. The fact that the website could be negatively affected by phrases in the cleartext password is very concerning.

[–] [email protected] 8 points 7 months ago

At best, it means they're storing your password instead of just a salted hash. And that's horrible.