homepage Welcome to WebmasterWorld Guest from 54.234.60.133
register, free tools, login, search, subscribe, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor
Visit PubCon.com
Home / Forums Index / WebmasterWorld Feedback Forums / WebmasterWorld Feedback Days
Forum Library, Charter, Moderators: brett tabke

WebmasterWorld Feedback Days Forum

  posting off  
Hash the passwords
novanet




msg:4141306
 4:52 am on May 27, 2010 (gmt 0)

Got the feedback email, went to login, but I forgot which password I used to sign-up with. No problem, I used the lost password form.

The problem is, when the email arrives, instead of a reset link, I see my password starring at me in plain text.

I'm not suggesting you take security lightly, but storing passwords in the clear is a disaster waiting to happen.

I realize implementing hashing would be a big task, but it really has to be done IMO.

 

defone




msg:4141390
 6:49 am on May 27, 2010 (gmt 0)

Yes, this is definitely required. And seriously, it is not even that big thing to do.

Jim Westergren




msg:4141582
 9:55 am on May 27, 2010 (gmt 0)

Yes, this should be a priority in my opinion.

blaze




msg:4141665
 11:30 am on May 27, 2010 (gmt 0)

Yikes.

blueyed




msg:4141789
 1:20 pm on May 27, 2010 (gmt 0)

It is not just the password not being hashed (which is bad practice), but especially the password being sent in clear text via email.
The latter would not be possible with hashed passwords, so hashing passwords solves both issues.

Fotiman




msg:4141941
 3:26 pm on May 27, 2010 (gmt 0)

I agree with this as well.

MWpro




msg:4142503
 3:06 am on May 28, 2010 (gmt 0)

I wasn't aware of this. Pretty outraging.

hotrod4x5




msg:4142509
 3:14 am on May 28, 2010 (gmt 0)

Agreed, fix this problem.

morehawes




msg:4142724
 9:32 am on May 28, 2010 (gmt 0)

I agree, a little scary when you think about it.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld Feedback Forums / WebmasterWorld Feedback Days
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About
© Webmaster World 1996-2014 all rights reserved