Wow. That gets my vote for weakest security argument of 2005. That said, if the entire HoF membership list, passwords and all, were compromised, it isn't very likely anyone would notice. What's the worst someone could do with your login - subscribe you to cf-community?
The thing that really makes this ugly is that you have many people dumb enough to re-use passwords at sites like HoF that they've used other places where security is a lot more critical. A few years back we kept unhashed passwords in our database and I found that I could take about 1/3 of them and log in to things like Yahoo! mail and even PayPal. You might think software developers and the other folks on this list would be smart enough not to do this, but people are basically lazy. I've seen system and network administrators who use the same password for every root and admin account they have. It's sobering. ----- Original Message ----- From: "Michael Dinowitz" <[EMAIL PROTECTED]> To: "CF-Talk" <[email protected]> Sent: Thursday, March 03, 2005 4:24 PM Subject: RE: cf-community and something pretty damn funny! >I don't let anyone other than myself have access to the machine and am > rather paranoid about security. Don't share subscriber lists, etc. > So no, the passwords are not hashed. As for encrypted, I do have the > decrypt > keys. :) > >> > From: Michael Dinowitz [mailto:[EMAIL PROTECTED] >> > I logged in with your username/password and went to the CF-Community >> > subscribe page and signed you up. No problems. What problem >> > were you having >> > subscribing? >> >> No hashed passwords? Not even encrypted? :-() ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:197406 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
