Not necessarily. If a Javascript vulnerability exists, they can steal the password you type before it even reaches the database (long before the salting and hashing steps).
If the backend code running on their servers is similarly compromised, then the password can be stolen from code-memory before it is salted or hashed.
Not necessarily. If a Javascript vulnerability exists, they can steal the password you type before it even reaches the database (long before the salting and hashing steps).
If the backend code running on their servers is similarly compromised, then the password can be stolen from code-memory before it is salted or hashed.