Should we use replit or some other IDE?

i think you're missing my point.

i'm pointing out that if your parents want you to learn "real" programming you could easily argue that they need to buy you a server rack.

and no, replit isn't the same thing as hosting a website, and storing passwords in plaintext is dangerous. no clue what you're talking about on the other parts.

Only if your account is worth something like a bank account

why?

Nah they dont even know how to programm and their only clue is some test result

Only if your account is worth something like a bank account

everyone almost definetly has multiple accounts. knowing one passwords indicates what the other passwords might be, whether it's short, long, if there's some structure to it, a bunch of words, completely randomized, etc.

if you have the word "distinguished" in your password it's almost definetly in your other passwords.

also saying you don't need to do something isn't the same as knowing how to do it. why shouldn't you be able to create a secure password system? why use passwords at all if they aren't secure?

why? (replit)

because replit can take it down, you have the replit ui laid over it, it's a replit url, it's longer to load on people's devices, it's a massive hassle to create multiple webpages and to keep track of them, and i'm sure i could name many more issues if i actually used replit.

Nah they dont even know how to programm and their only clue is some test result

i still think you're missing the point

? no newwebsite.joecooldoo.repl.co I don't see replit ui

You can use custom URLs

  1. is this even tested?
  2. you can boost repls

Not really, you can use the search bar

thats why i tell everyone to use 123456 as a password to prevent password grabbing from my project

yeah why?
im just too lazy to remove the password part on my code bc it would turn a 2d system into a 1d one which requires an amount of work

and wake it up on request

why not?

nope its ez

no,that phemomena only happens on places far away from replit's main server,like the place i live(thats why i havent made any multiplayer games >:/ )

actually i could just fake the results with f12 but that would be even more boring

might've confused replit with something else, but the part about it being able to be easily taken down still applies. and by taken down i mean they decide they don't like the website and ban your account.

i feel like there's way too many fundamental misunderstandings here to get anywhere with this, so i'm not going to continue on it. originally i wasn't even trying to make any serious opinion on replit

they only take it down if it breaks the replit tos, which hardly ever happens to a user. The worst I got was one of my projects broke the replit tos and the worst they did was remove it from the community. They did not completely delete it, I can still use it.

I believe as a buffer.
Having an insecure password system is better than having none at all, if it’s well implemented. I could make people have only 3-character numerical passwords for my service, and it is still safer than having no passwords (despite being very easy to crack).

You guys!

Poor sarpnt was just trying to sympathize with 800 about his unreasonable parents by listing other unreasonable demands they might make for "real programming" and the sarcasm flew right over your heads so you're beating him up about details.

uhh?oh whoops

@sarpnt, sorry if my post came off as condescending or rude or as trying to pick a fight. That was not my intent, and I just wanted to understand why you said that passwords are of no use if they aren’t secure.

About the Replit thing- as you said, it’s not hosting a website yourself (how do people do that? I don’t know!), but you can run code with it in multiple languages, which in my mind makes it a proper environment. Even if it is hosted by a big company. This is similar to Google’s Colab.

passwords aren't just useless when they aren't secure, they're actively dangerous.

imagine for example if snap just stored usernames, emails, and passwords as a text file on their server. if someone tricked one of the staff or hacked in, they would know everyone's usernames, emails, and passwords.

here's some of the many dangerous things that would result from this:

  1. every account on snap would be known by everyone and the snap website would be unusable for a good while (making the passwords pretty much useless)
  2. someone could send emails to absolutely everyone on snap, able to sell the emails to spammers and phishers, and to do it themselves.
  3. many people reuse passwords or have similar passwords and it could be used to tell how to get into their other accounts, possibly even their email which basically guarantees access to everything. even if they have good passwords or a password manager, it reveals which one it is and how best to attack them

This is true. A huge tech corporation would want to spend as much time as they need to make sure their password system is 100% secure because they store things like emails and other website's passwords.

In the scenario I devised, the passcode (000-999) is easily crackable. However, this is a fine solution for a website like an anonymous chat program. For example, you could send messages as any number on the site.

All this is to say, depending on a project's intended use case, passwords/codes/whatever may not need to be secure.

This is largely already true, at least all the accounts that have published projects. And the part about email addresses, I think, is kind of a red herring; you're talking about why passwords should be encrypted, which doesn't imply encrypting other random stuff in the database.

Insecure passwords for low-risk sites such as ours become really problematic only when people use the same password for multiple sites.

Extending on what @bh said about the email part, you can use something like the Rijndael Algorithm to encrypt email addresses without worrying about brute force attacks.

You don't need to!replit shows code to you!which includes plain text passwords!

Oh then ill force a password of 123456(turn the input into a hidden which disables input unless hecker looks at inspect element)
ive got attacked before like this lol

then i used 123456 on every insecure password blank

it only takes like 5 lines of code to hash a password i don't see how it isn't worth the effort

For python:

import hashlib
import base64

def hash(txt):
  return base64.b64encode(hashlib.sha3_512(txt.encode()).digest()).decode('utf-8')

print(hash('Hello, World!'))

five lines wow

idk either
just too l8zy

@18001767679