It is currently Mon May 20, 2013 11:51 am

View unanswered posts | View active topics


Board index » The Portable Freeware Collection » Resources & Links

All times are UTC - 8 hours




Post new topic Reply to topic  Page 1 of 1
  [ 5 posts ] 
  Print view Previous topic | Next topic 
Author Message
guinness
 Post subject: Websites that store your password in plain text.
PostPosted: Thu Jun 14, 2012 1:36 pm 
Offline
User avatar

Joined: Mon Aug 27, 2007 2:00 am
Posts: 3726
Quote:
A website storing a password in plain text means that your password is there, waiting for someone to come and take it. It doesn’t even matter if you’ve created the strongest possible password. It’s just there.


Source: http://plaintextoffenders.com/

_________________
Added 177 Applications: Portable and an AutoIt MVP
SoftwareSpot - Portable Apps
Top
 Profile  
 
Midas
 Post subject: Re: Websites that store your password in plain text.
PostPosted: Thu Jun 14, 2012 1:55 pm 
Online
User avatar

Joined: Mon Dec 07, 2009 7:09 am
Posts: 912
Location: Terra @ Sol System
Often wondered about such practices, which I found mostly in mailing lists. What's the point of setting a password if it then travels back to you -- across all of the Internet -- in plain text? :(
Top
 Profile  
 
carbonize
 Post subject: Re: Websites that store your password in plain text.
PostPosted: Fri Jun 15, 2012 3:03 am 
Offline

Joined: Wed Jan 09, 2008 1:16 am
Posts: 324
Location: Bristol, UK
Whilst I do think storing passwords in plaintext is one of the stupidest things any web dev can do that entire website is based on the premise of someone getting hold of your emails If someone has got access to your emails it makes no difference if they send your email in plaintext or not since reset emails will also be sent to that address.

_________________
C a r b o n i z e
System Event Notification Service Not Starting
Top
 Profile  
 
JohnTHaller
 Post subject: Re: Websites that store your password in plain text.
PostPosted: Fri Jun 15, 2012 6:26 am 
Offline
User avatar

Joined: Wed Feb 10, 2010 4:44 pm
Posts: 405
Location: New York, NY
carbonize wrote:
Whilst I do think storing passwords in plaintext is one of the stupidest things any web dev can do that entire website is based on the premise of someone getting hold of your emails If someone has got access to your emails it makes no difference if they send your email in plaintext or not since reset emails will also be sent to that address.

There is a small difference as, if someone gains access to your email, they can request your passwords from sites like that and get your password without you knowing. For sites that reset your password, they'd need to change it, which may alert you to someone messing with it. A small difference, but a difference.

_________________
PortableApps.com - The open standard for portable software
Top
 Profile  
 
carbonize
 Post subject: Re: Websites that store your password in plain text.
PostPosted: Fri Jun 15, 2012 6:51 am 
Offline

Joined: Wed Jan 09, 2008 1:16 am
Posts: 324
Location: Bristol, UK
But how long would a malicious person need to have access to your account for to do serious damage or gain access to your personal details? I doubt anyone after your passwords would be in it for the long haul.

_________________
C a r b o n i z e
System Event Notification Service Not Starting
Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 5 posts ] 

Board index » The Portable Freeware Collection » Resources & Links

All times are UTC - 8 hours


Who is online

Users browsing this forum: No registered users and 1 guest

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  

Protected by Anti-Spam ACP Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group