CSV: plaintext offenders

Started by rcjordan, March 01, 2019, 06:21:21 PM

Previous topic - Next topic

rcjordan


ukgimp


rcjordan

>email

QuoteIf you set up an account and the site sends you an email which lists your password, it's likely stored in plaintext.

How to Tell If a Site Stores Passwords as Plaintext
https://www.makeuseof.com/tag/sites-passwords-plaintext/

littleman

Damn, that is a huge list with some big names in there too.  It reminds me of when I was looking at a shopping cart program that saved the CC info in plain text.  I searched for the default file name Altavista (yes it was a long time ago) and found hundreds of files with credit card numbers on them.

ergophobe

It's funny. You look at some code and you see they are still storing passwords as MD5 hashes and you think "Do they know nothing?"

And then you find out some people don't hash at all.