No vibe coding needed. Many years ago, my friend, a new yet overly-confident web developer, pulled the entire list of usernames and passwords from the back-end when the login page opened. It was to “check if password is correct faster”.
That was pretty common some years back. Earlier versions of popular discussion boards like phpBB and stuff would store everything in the mysql db in plain text. The practice only changed when sql injections became popular with script kiddies. Malicious admins would also just check user’s email and password and try them elsewhere, reusing passwords was even more commonplace then than it still is today.
No vibe coding needed. Many years ago, my friend, a new yet overly-confident web developer, pulled the entire list of usernames and passwords from the back-end when the login page opened. It was to “check if password is correct faster”.
(And yes, he stored passwords in plaintext)
Maybe the entire database should be downloaded into the browser. Then it’ll go really, really fast!
It was faster?
Webscale
And why is the database storing the passwords in plain text? Sure the web dev is wrong, but the back end guy is not the brightest either.
Having been there, it’s probably the same guy, lol
Sometimes you really do just gotta learn the hard way.
Guess this is a “Fight Club” situation.
That was pretty common some years back. Earlier versions of popular discussion boards like phpBB and stuff would store everything in the mysql db in plain text. The practice only changed when sql injections became popular with script kiddies. Malicious admins would also just check user’s email and password and try them elsewhere, reusing passwords was even more commonplace then than it still is today.
This is probably the code on which the LLM was trained.