this post was submitted on 24 Jan 2024
390 points (98.5% liked)

Cybersecurity - Memes

1964 readers
2 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago
MODERATORS
Sam1232188@lemmy.world
neurohost@lemmy.world
Alphadef@programming.dev
CannaVet@lemmy.world
390
Your password must also not contain the following character combinations: script, select, insert, update, delete, drop, --, ', /*, */. (lemmy.world)
submitted 9 months ago by ABasilPlant@lemmy.world to c/cybersecuritymemes@lemmy.world
59 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[–] Semi-Hemi-Demigod@kbin.social 17 points 9 months ago (1 children)

They might be doing it in the DB query, but they’re definitely not sanitized beforehand.

[–] CrayonRosary@lemmy.world 2 points 9 months ago (1 children)

Sanitization has nothing to do with salting and hashing.

[–] Semi-Hemi-Demigod@kbin.social 2 points 9 months ago

If you do the salting and hashing in a database query you need to sanitize the input before you use it or you open yourself to SQL injection.

Databases have salting and hashing functions, after all