Saving the password in an unsecure environment IN RAW TEXT.
Ed
On May 21, 2012, at 7:32 PM, Paul Gilmartin wrote:
On Mon, 21 May 2012 17:23:37 -0500, Ed Gould wrote:
Agreed...(about screen scraping). I have run into a few over the last
40 something years. bIt is just plain a DON'T DO IT.
Twice I have been called in at 0000 something in the morning because
some IDIOT thought it was a "good" idea. Not only didn't they tell
anybody they were buying some product that did it they never thought
something would change. 20 or so years ago we went from TCAM to VTAM
and actually had two "applications" die one of the people claimed it
was my fault (he had signed off on the change request no less). One
presented such a security exposure that when I found out I just went
to the auditor and let me have a run at the people. ...
How was it a security exposure? For example, was it worse than
photographing the screen with a smart phone (but are camera
phones prohibited effectively at your site?) and passing the
result to an OCR program?
-- gil
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN
