In plain text I assume right? You’re not crazy…

You joke, but one of the programs at my work we use legit doesn’t need credentials, just a username. That one’s a head scratcher to me.

Database schema = “Not fraudulant”, what’s so hard about that? Login credentials don’t even need to be encrypted if you say no fraud before you log in, and cross your fingers. It’s basic programming knowledge, come on man. Also throw some salt over shoulder and slaughter a goat for good measure just in case.

Now they’re just trying to distract us from the actual dangerous shit they’re doing behind the scenes. Don’t fall for it!