I've been working on a security system and reading all about salting and hashing passwords. In one of the articles I read, it mentioned something about phpBB storing passwords in plain text in the database. I'm wondering, does SMF do that too? If not, do you know what SMF does with the password? Does it salt it and hash it and store it? Does it just hash it? Does it encrypt it with a private key?
The worry, of course, is if a forum user uses the same password for the forums and for something important, like banking information. I don't, so I'm not worried about me, but who knows what the other users do.
Worry not, grasshopper.
If thou doth clicketh upon your PROFILE (http://forums.righteouswrath.com/index.php?action=profile), then "Account Related Settings", look next to "ANSWER" and see the label that reads thusly:
"WHY IS THIS BLANK? (http://forums.righteouswrath.com/index.php?action=helpadmin;help=secret_why_blank)", therein all wisdom shall be thrown upon thou.