[–] dnskw 12y ago ↗ They could have encrypted them and then decrypt if they want to view them. [–] FruitForce 12y ago ↗ But that's still just as bad. It doesn't matter if one person or a thousand people reads someone else's password in plain text. It's still technically a breach in security regardless of if they work for the company or not. [–] dnskw 12y ago ↗ Yes it is bad, but its better than storing them in plain text in the database.
[–] FruitForce 12y ago ↗ But that's still just as bad. It doesn't matter if one person or a thousand people reads someone else's password in plain text. It's still technically a breach in security regardless of if they work for the company or not. [–] dnskw 12y ago ↗ Yes it is bad, but its better than storing them in plain text in the database.
3 comments
[ 3.1 ms ] story [ 20.5 ms ] thread