Jump to content



Photo

Really Direct 2 Drive, Really?


  • Please log in to reply
19 replies to this topic

#16 Chosen One

Chosen One

    Neowinian Senior

  • 2,285 posts
  • Joined: 11-April 04
  • Location: Toronto,Canada

Posted 26 April 2011 - 00:50

Sadly, this isn't the case - it was actually my password that I had personally set for that account.

Well then, that is some serious f'd up shiz


#17 +LogicalApex

LogicalApex

    Software Engineer

  • 6,163 posts
  • Joined: 14-August 02
  • Location: Philadelphia, PA
  • OS: Windows 7 Ultimate x64
  • Phone: Nexus 5

Posted 26 April 2011 - 00:52

I would bet that more sites that not still haven't learned the benefits of hashing passwords sadly. I wonder too how many of those that have take the time to also salt the password hash.

#18 +warwagon

warwagon

    Only you can prevent forest fires.

  • 25,963 posts
  • Joined: 30-November 01
  • Location: Iowa

Posted 26 April 2011 - 01:17

I hate companies like that, when they send you emails with your ****ing password clear as day in the email.

They say **** like ... Login now with your password and the proceed to tell you in plain text what your ****ing password is. Idiots

Plenty of fish does the same thing

http://www.neowin.ne...ty-at-its-best/

#19 +Audien

Audien

    Software Eng.

  • 4,372 posts
  • Joined: 30-December 03
  • Location: Seattle, WA
  • OS: Windows 8.1/Mac OSX
  • Phone: iPhone 5S

Posted 26 April 2011 - 01:20

We store some passwords in cleartext for our clients at work too. When I brought my concern up with the lead dev, he said that it's actually one of the requirements of the client's because the they'd like to be able to retrieve them if they forget. :pinch:

#20 LiquidSolstice

LiquidSolstice

    Neowinian Senior

  • 4,801 posts
  • Joined: 08-April 09

Posted 26 April 2011 - 04:40

:p I think you meant "plaintext", not "plantext" or "paintext"

But yeah, I agree, that's a tad bit worrying. I feel like they shouldn't be emailing that unless its a password reset, and even then, most sites NEVER ever send you your password in plain text.