| ▲ | Marsymars 5 days ago | |
> but literally every site with passwords can do that by default, it just needs a general admin UI which almost always exists. Most sites/systems that are designed for security won't have such an admin UI - passwords should generally not be handled in a way where anybody other than the user is ever able to know what they are. | ||
| ▲ | Groxx 5 days ago | parent [-] | |
"I can erase a securely hashed password and set a new one" is very common and generally seen as safe, and does not at all require being able to "know what [the current password is]". Most can do this. As a concrete example, phpMyAdmin has UI specifically for editing password fields: https://www.wpbeginner.com/beginners-guide/how-to-reset-a-wo... | ||