Only relatively safe. Nowhere is it absolutely safe.
Basically, everyone is stored in the database, and the passwords are encrypted. The encryption here is usually a custom algorithm, so even if he gets the encrypted password, he cannot know the original password.
The above is the standard configuration, which means everyone will do it. The security of a website does not mean that it cannot be cracked, nor does it mean that the code has loopholes. So don’t worry about this
As a blog system, account and password information must be stored in the database. Specifically how to store it safely in the database, you can consider adding salt + hash before storing it. In this way, only the user (yourself) knows the password, and others cannot obtain your password even if they drag the database.
As a user, it is definitely safer to keep your account password in your own head.
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
Only relatively safe. Nowhere is it absolutely safe.
Basically, everyone is stored in the database, and the passwords are encrypted. The encryption here is usually a custom algorithm, so even if he gets the encrypted password, he cannot know the original password.
The above is the standard configuration, which means everyone will do it. The security of a website does not mean that it cannot be cracked, nor does it mean that the code has loopholes. So don’t worry about this
As a blog system, account and password information must be stored in the database. Specifically how to store it safely in the database, you can consider adding salt + hash before storing it. In this way, only the user (yourself) knows the password, and others cannot obtain your password even if they drag the database.
As a user, it is definitely safer to keep your account password in your own head.
In my head, how about 1password5