It's 2018 and this site still stores clear text passwords (truncated to 8 characters, apparently), sends those passwords via clear text email, and uses clear text HTTP by default.
There has already been a breach, almost a decade ago, where passwords got stolen (including mine), and TLS certificates have been free through Let's Encrypt for 2 years now. I find the continued use of clear text HTTP and passwords very irresponsible and wonder what's keeping the dear admins from implementing modern security measures.
Juerd
|
---|
Replies are listed 'Best First'. | |
---|---|
Re: Clear text passwords
by LanX (Saint) on Jun 05, 2018 at 01:07 UTC | |
Re: Clear text passwords
by trippledubs (Deacon) on Jun 05, 2018 at 02:53 UTC | |
by stevieb (Canon) on Jun 05, 2018 at 23:55 UTC | |
by LanX (Saint) on Jun 06, 2018 at 00:46 UTC | |
by trippledubs (Deacon) on Jun 06, 2018 at 12:48 UTC | |
A reply falls below the community's threshold of quality. You may see it by logging in. |
Back to
Perl Monks Discussion