can you make a thing where we can see what our account passsword is i forgot it want to log into my account on a diffrent device and i cant remember

kingofallgods6657 wrote:

can you make a thing where we can see what our account passsword is i forgot it want to log into my account on a diffrent device and i cant remember

That is a bad idea. Imagine if you left yourself logged in on some device and then someone else used the same device and was able to see your password. Secondly, scratch doesn't actually store your passwords. Even if scratch team members wanted to see your password, they wouldn't have any way to do it. That is because all passwords are stored in the hashed form(one way encryption). Hashes are designed in a way to be impossible to decrypt. If 2 identical pieces of text are hashed then resulting hashes will also be identical. That is how scratch verifies your password. It hashed what you inputed password and compares it to the hash in the database.

For your case, the thing you are probably looking for is: https://scratch.mit.edu/accounts/password_reset/

No.

Just no.

If you remember your email, you can change your password with https://scratch.mit.edu/accounts/password_reset/

AnAccount_StopAsking wrote:

No.

Just no.

Please be constructive and say why you don’t support. I basically just recited a bible verse lol.

plqaokwsijeduhrfyg wrote:

AnAccount_StopAsking wrote:

No.

Just no.

Please be constructive and say why you don’t support. I basically just recited a bible verse lol.

The suggestion is basically sharing your password.

Uhh That's a bad idea. There is a password reset

bad idea

imagine if your logged in and other people can see your password.
then, they can hack into your account and it cause a lot of problems
for scratchers

No support.
Say you're in a coffee shop (or some place), and you open up Account Settings, and you go to Passwords. Now the stranger behind you can see your password.

sonic__fan wrote:

No support.
Say you're in a coffee shop (or some place), and you open up Account Settings, and you go to Passwords. Now the stranger behind you can see your password.

they can hack your account (if they have one…)

k1412483 wrote:

sonic__fan wrote:

No support.
Say you're in a coffee shop (or some place), and you open up Account Settings, and you go to Passwords. Now the stranger behind you can see your password.

they can hack your account (if they have one…)

and then delete your account
or say bad words and ip ban you

no support. Password Reset exists for a reason.

literally impossible.

some years ago people decided that storing password in plain text on servers was insecure so they decided to come up with hashing.
basically just some complicated math to turn a string of text (the password) into a seemingly random, but precise, longer string of text aka the hash, which is actually stored on the scratch servers.
this is secure because its literally impossible to get the password back from a given hash unless you bruteforce every possible password.

scratch doesnt know your password and cant tell you your password.

If you have your password set to auto-fill, you can check the saved passwords bank in your browser to find your login credentials. On Firefox, this will be about:logins, on Chrome chrome://settings/passwords, and on Edge edge://settings/passwords.

It's imperative that you make sure no one's peeking.

i hate this suggestion as long as I hate hackers.

Please cool the hate here. There is no need to be so negative. You can respectfully state why you don't agree with this suggestion but saying things like “bad idea” is disrespectful. Share ideas on how the suggestion can be improved, or why it shouldn't be implemented without the harsh tone.

leahcimto wrote:

Please cool the hate here. There is no need to be so negative. You can respectfully state why you don't agree with this suggestion but saying things like “bad idea” is disrespectful. Share ideas on how the suggestion can be improved, or why it shouldn't be implemented without the harsh tone.

it's basically sharing your password

please q

7salad3salad wrote:

no support. Password Reset exists for a reason.

quote on the first post (optional)

leahcimto wrote:

Please cool the hate here. There is no need to be so negative. You can respectfully state why you don't agree with this suggestion but saying things like “bad idea” is disrespectful. Share ideas on how the suggestion can be improved, or why it shouldn't be implemented without the harsh tone.

What is “hate” or not is subjective.

leahcimto wrote:

Please cool the hate here. There is no need to be so negative. You can respectfully state why you don't agree with this suggestion but saying things like “bad idea” is disrespectful. Share ideas on how the suggestion can be improved, or why it shouldn't be implemented without the harsh tone.

Yes, I agree with you here. Yes, this is a suggestion that we wouldn't want to implement, but most people aren't familiar with web security concepts! I think describing this as “basically sharing your password” is a bit hyperbolic, and we can all do better to be friendly and welcoming to other users who make suggestions in good faith.

As for the suggestion itself, unfortunately the problem with this is that good security practices dictate that we store your password in a non-reversible format. When you login, we're able to verify that your password is correct without actually knowing what it is. We cannot and will not ever store your password in a form that would allow us to tell you what it is, and we shouldn't! Instead, if you forgot your password, just use the “forgot password?” link in the login page to reset your password.