3 comments

[ 2.5 ms ] story [ 23.3 ms ] thread
If you read the Bruce Schneier article instead of the linked blog post you get this:

EDITED TO ADD (4/12): Seems that the BBC article misstated the law. Companies have to retain information they already collect for a year after it is no longer required. So if they're not already storing plaintext passwords, they don't have to start.

Indeed. All these new french laws such as HADOPI, LOPSI 1 and 2 are crazy enough they don't need more sensationalism.