How does this app "hash" their passwords with MD5, but still know the plain-text?
There is a public application that has terrible security practices. When performing an API call to such application, and succesfully logging in, it will return a "user" JSON that includes the MD5 hash of their password, and the M… Continue reading How does this app "hash" their passwords with MD5, but still know the plain-text?