[–] teovall 13y ago ↗ The phrase "stored in plain text" does not mean anything near the same thing as "encrypted with AES in the Windows Vault using the Data Protection API". This story is complete hogwash. [–] IanDrake 13y ago ↗ I'm thinking the same thing. These aren't website passwords, they need to be recoverable by an administrator. I'm sure this is by design. [–] viraptor 13y ago ↗ Why do you think they should be recoverable by anyone? You can verify your details against a hash, or reset them anyway.
[–] IanDrake 13y ago ↗ I'm thinking the same thing. These aren't website passwords, they need to be recoverable by an administrator. I'm sure this is by design. [–] viraptor 13y ago ↗ Why do you think they should be recoverable by anyone? You can verify your details against a hash, or reset them anyway.
[–] viraptor 13y ago ↗ Why do you think they should be recoverable by anyone? You can verify your details against a hash, or reset them anyway.
3 comments
[ 3.3 ms ] story [ 15.0 ms ] thread