[–] philtar 13y ago ↗ Marcaria.com stores them in plaintext, too.I told them about it multiple times."We'll have our engineers look into it" -- Two Days Later -- "This ticket has been closed." [–] andyhmltn 13y ago ↗ Yup. That's usually the way. These guys kept assuring me my password was 'extremely safe, secure and backed up by industry standard.' Then I pointed out what the industry standard actually was and they've since stopped replying.
[–] andyhmltn 13y ago ↗ Yup. That's usually the way. These guys kept assuring me my password was 'extremely safe, secure and backed up by industry standard.' Then I pointed out what the industry standard actually was and they've since stopped replying.
[–] astrodust 13y ago ↗ Is there a service where, given a domain name, you can get an assessment of previous security problems, or potential ones?Many cities have restaurant inspections, so why not this? [–] pixelcort 13y ago ↗ Or even better, a PBKDF2/bcrypt/scrypt certification.Something like "Site X has been verified to to be using per-user salts using scrypt at 200ms and 1MB memory." [–] andyhmltn 13y ago ↗ That's a brilliant idea. Having a database of this kind of thing would be really helpful.
[–] pixelcort 13y ago ↗ Or even better, a PBKDF2/bcrypt/scrypt certification.Something like "Site X has been verified to to be using per-user salts using scrypt at 200ms and 1MB memory."
[–] andyhmltn 13y ago ↗ That's a brilliant idea. Having a database of this kind of thing would be really helpful.
6 comments
[ 3.0 ms ] story [ 30.1 ms ] threadI told them about it multiple times.
"We'll have our engineers look into it" -- Two Days Later -- "This ticket has been closed."
Many cities have restaurant inspections, so why not this?
Something like "Site X has been verified to to be using per-user salts using scrypt at 200ms and 1MB memory."