Well we don’t know how that website is actually storing the password. They may well be using a password hash. Also, you should use scrypt or argon over bcrypt IMO. And there should be no upper restrictions on password length. argon2 can handle hashing megabytes of data in about the same time as a short password, so there’s never a need to limit the password length.
To potentially answer my own question: I believe the protocol I was looking for might have been the dat protocol which seems to have been replaced by something else.
I don’t want to give meta and instagram my phone number. Don’t you want people using lemmy? Why are telling me to give my data to meta?
How will they destroy it if they are literally only making it larger and more useable. The average normie today has no reason to create a mastadon account, because almost no one uses it. But if they can use a major social media platform, and use a federated free service like mastadon, then that makes mastadon much more valuable to them.
The fact that a social media service is objectively good doesn’t mean anyone is going to use it. Having backing from the biggest social media company in the world, might actually get people to use it.
I disagree with the prevailing sentiment here. Meta using ActivityPub is going to help ActivityPub grow an will be good for federated platforms like lemmy, and mastadon.
Lemmy should not block threads.net. Individual users can simply opt out of using threads, but it’s good if we can communicate with people using it and they can communicate with us using a decentralized, free, standard.
c/Xporn when X is not sexual. Like r/foodporn, r/earthporn, or r/animalporn.
Reddit’s database was pretty poorly designed. They designed it to be really flexible so they could make changes easily early on, but it was highly inefficient. I don’t know if it’s still like that, but the old website’s source code is public and it is very inefficient.
It is bad programming. Specifically it is very bad security (especially setting a maximum length - that is just ridiculous). I think websites should not rely too much on passwords anyway. They should be designed under the assumption that attackers will fairly commonly get access to user passwords, and therefore not let someone do too much damage from simply being able to login to your account.