I appreciate the transparency, but the phrase securely hashed always makes me a little nervous. It's a huge spectrum, right? We talking bcrypt/scrypt with a proper salt, or something from the old days?
When they got hacked three years ago the notice included this:
> Even though all account passwords that could have been accessed were hashed (with bcrypt plus salted and peppered) and secured in accordance with best practices, out of an abundance of caution we are requiring all Plex accounts to have their password reset.
Whether that later changed for the worse is anyone's guess.
> Even though all account passwords that could have been accessed were hashed (with bcrypt plus salted and peppered) and secured in accordance with best practices, out of an abundance of caution we are requiring all Plex accounts to have their password reset.
Whether that later changed for the worse is anyone's guess.